ipsnews.net Open in urlscan Pro
67.43.4.144 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-r...
Submission Tags: falconsandbox
Submission: On May 04 via api (May 4th 2023, 7:12:25 am UTC) from US — Scanned from DE

Summary HTTP 190 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 42 IPs in 6 countries across 39 domains to perform 190 HTTP transactions. The main IP is 67.43.4.144, located in Lansing, United States and belongs to LIQUIDWEB, US. The main domain is ipsnews.net. The Cisco Umbrella rank of the primary domain is 564584.
TLS certificate: Issued by R3 on March 8th 2023. Valid for: 3 months.

This is the only time ipsnews.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	67.43.4.144 67.43.4.144	32244 (LIQUIDWEB) (LIQUIDWEB)
5	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
2	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	179.43.113.26 179.43.113.26	27823 (Dattatec.com) (Dattatec.com)
19	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
9	164.92.205.110 164.92.205.110	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	164.90.191.120 164.90.191.120	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
2	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	108.61.221.118 108.61.221.118	20473 (AS-CHOOPA) (AS-CHOOPA)
22	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c09::9b	15169 (GOOGLE) (GOOGLE)
3 6	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
36	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4023:140f::5e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400e:3::9	15169 (GOOGLE) (GOOGLE)
3	185.29.132.246 185.29.132.246	() ()
4	144.76.238.55 144.76.238.55	() ()
1	2.18.233.201 2.18.233.201	() ()
3	178.63.52.121 178.63.52.121	() ()
1	2a02:fa8:8806... 2a02:fa8:8806:13::1370	() ()
1 1	151.101.130.49 151.101.130.49	() ()
1 12	172.217.18.2 172.217.18.2	() ()
1 1	34.91.62.186 34.91.62.186	() ()
2 2	35.190.0.66 35.190.0.66	() ()
1 1	2a05:d018:d29... 2a05:d018:d29:3602:c8cd:afe4:1960:d0d5	() ()
2 2	37.157.6.254 37.157.6.254	() ()
1	2a0b:4d07:102::1 2a0b:4d07:102::1	() ()
1 2	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	() ()
1	167.233.14.134 167.233.14.134	() ()
1	35.178.52.145 35.178.52.145	() ()
1	23.210.125.176 23.210.125.176	() ()
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	() ()
1	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	() ()
2 2	54.93.45.240 54.93.45.240	() ()
1	178.250.1.9 178.250.1.9	() ()
2 2	185.64.190.78 185.64.190.78	() ()
2 2	185.80.39.216 185.80.39.216	() ()
1	18.66.147.120 18.66.147.120	() ()
1	99.86.4.52 99.86.4.52	() ()
190	42

19 67.43.4.144 (Lansing, United States)

ASN32244 (LIQUIDWEB, US)
PTR: host.ipsnews.net

ipsnews.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 179.43.113.26 (Rosario, Argentina)

ASN27823 (Dattatec.com, AR)
PTR: sd-1919030-l.dattaweb.com

ipsnoticias.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 164.92.205.110 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

w.ad.style	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 164.90.191.120 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

widgets.ad.style	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.61.221.118 (City of London, United Kingdom)

ASN20473 (AS-CHOOPA, US)
PTR: 108.61.221.118.vultrusercontent.com

pubtagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c09::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4023:140f::5e (Columbus, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

redirector.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:3::9 (Ireland)

ASN15169 (GOOGLE, US)

r4---sn-5hne6ns6.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.132.246 (None, )

ASN- ()

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 144.76.238.55 (None, )

ASN- ()

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (None, )

ASN- ()

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.63.52.121 (None, )

ASN- ()

hal900020.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1370 (None, )

ASN- ()

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (None, ) 1 redirects

ASN- ()

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.18.2 (None, ) 1 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (None, ) 1 redirects

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (None, ) 2 redirects

ASN- ()

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:c8cd:afe4:1960:d0d5 (None, ) 1 redirects

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.254 (None, ) 2 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (None, )

ASN- ()

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:d0a:2321::2 (None, ) 1 redirects

ASN- ()

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.233.14.134 (None, )

ASN- ()

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.178.52.145 (None, )

ASN- ()

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.125.176 (None, )

ASN- ()

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (None, ) 1 redirects

ASN- ()

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:e365:4988:e8a7:3270 (None, )

ASN- ()

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.45.240 (None, ) 2 redirects

ASN- ()

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (None, )

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (None, ) 2 redirects

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (None, ) 2 redirects

ASN- ()

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.120 (None, )

ASN- ()

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.52 (None, )

ASN- ()

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 94 tpc.googlesyndication.com — Cisco Umbrella Rank: 137	751 KB
35	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 stats.g.doubleclick.net — Cisco Umbrella Rank: 74 cm.g.doubleclick.net	211 KB
19	ipsnews.net ipsnews.net — Cisco Umbrella Rank: 564584	451 KB
13	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	180 KB
10	ad.style w.ad.style — Cisco Umbrella Rank: 104224 widgets.ad.style — Cisco Umbrella Rank: 136656	262 KB
9	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 70	2 KB
7	redintelligence.net hal9000.redintelligence.net hal900020.redintelligence.net	259 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 188	294 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	4 KB
4	mathtag.com tags.mathtag.com pixel.mathtag.com	3 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6386 adservice.google.de — Cisco Umbrella Rank: 9108	1 KB
4	media.net contextual.media.net — Cisco Umbrella Rank: 603 lg3.media.net — Cisco Umbrella Rank: 5362	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	21 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	turn.com 1 redirects ad.turn.com r.turn.com	869 B
2	retailads.net 1 redirects cdn.retailads.net	6 KB
2	adform.net 2 redirects c1.adform.net	1 KB
2	travelaudience.com 2 redirects ads.travelaudience.com	950 B
2	gvt1.com 1 redirects redirector.gvt1.com — Cisco Umbrella Rank: 3929 r4---sn-5hne6ns6.gvt1.com	1 MB
2	pubtagmanager.com pubtagmanager.com — Cisco Umbrella Rank: 105488	574 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	86 KB
1	webgains.team cdn.track.production.webgains.team	3 KB
1	webgains.io analytics.webgains.io	31 KB
1	criteo.com dis.criteo.com	363 B
1	quantserve.com cms.quantserve.com	464 B
1	awin1.com www.awin1.com	704 B
1	webgains.com track.webgains.com	2 KB
1	futalis.de futalis.de	401 B
1	office-partner.de adv.office-partner.de	931 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com	713 B
1	simpli.fi 1 redirects um.simpli.fi	716 B
1	everesttech.net 1 redirects sync-tm.everesttech.net	543 B
1	dotomi.com dclk-match.dotomi.com	104 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 945	601 B
1	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 1932	2 KB
1	ipsnoticias.net ipsnoticias.net
0	bidswitch.net Failed x.bidswitch.net Failed
190	39

	Domain	Requested by
36	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
21	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net ipsnews.net
19	pagead2.googlesyndication.com	ipsnews.net pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
19	ipsnews.net	ipsnews.net
12	cm.g.doubleclick.net	1 redirects ipsnews.net googleads.g.doubleclick.net
9	w.ad.style	ipsnews.net widgets.ad.style
7	www.gstatic.com	googleads.g.doubleclick.net
6	www.googletagservices.com	googleads.g.doubleclick.net
6	www.google.com	3 redirects ipsnews.net googleads.g.doubleclick.net tpc.googlesyndication.com
5	fonts.googleapis.com	ipsnews.net googleads.g.doubleclick.net hal900020.redintelligence.net
4	hal9000.redintelligence.net	ipsnews.net hal900020.redintelligence.net
4	fonts.gstatic.com	fonts.googleapis.com
3	hal900020.redintelligence.net	hal9000.redintelligence.net hal900020.redintelligence.net
3	tags.mathtag.com	googleads.g.doubleclick.net tags.mathtag.com
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	pm.w55c.net	2 redirects
2	cdn.retailads.net	1 redirects futalis.de
2	c1.adform.net	2 redirects
2	ads.travelaudience.com	2 redirects
2	csi.gstatic.com	www.gstatic.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	pubtagmanager.com	ipsnews.net
2	lg3.media.net	ipsnews.net
2	contextual.media.net	ipsnews.net
2	www.googletagmanager.com	ipsnews.net adv.office-partner.de
1	cdn.track.production.webgains.team	googleads.g.doubleclick.net
1	analytics.webgains.io	track.webgains.com
1	dis.criteo.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	r.turn.com	googleads.g.doubleclick.net
1	ad.turn.com	1 redirects
1	www.awin1.com	googleads.g.doubleclick.net
1	track.webgains.com	ipsnews.net
1	futalis.de	hal900020.redintelligence.net
1	adv.office-partner.de	hal900020.redintelligence.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	um.simpli.fi	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	pixel.mathtag.com	tags.mathtag.com
1	r4---sn-5hne6ns6.gvt1.com	googleads.g.doubleclick.net
1	redirector.gvt1.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.de	ipsnews.net
1	secure.gravatar.com	ipsnews.net
1	widgets.ad.style	ipsnews.net
1	ipsnoticias.net	ipsnews.net
0	x.bidswitch.net Failed
190	52

This site contains links to these domains. Also see Links.

Domain
ad.style
www.ipsnoticias.net
www.ipsinternational.org
www.ipsnews.net
ipsnews.be
twitter.com
facebook.com
lpost.org
www.jpost.com
www.360prwire.com
w.ad.style

Subject Issuer	Validity	Valid
www.ipsnews.net R3	`2023-03-08` - `2023-06-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
ipsnoticias.net Sectigo RSA Domain Validation Secure Server CA	`2022-05-27` - `2023-06-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
w.ad.style Sectigo RSA Domain Validation Secure Server CA	`2022-11-14` - `2023-12-08`	a year	crt.sh
widgets.ad.style Sectigo RSA Domain Validation Secure Server CA	`2022-11-14` - `2023-12-08`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.gravatar.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-23` - `2023-12-24`	a year	crt.sh
pubtagmanager.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-14` - `2023-12-08`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.mathtag.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-30` - `2024-04-29`	a year	crt.sh
redintelligence.net R3	`2023-04-10` - `2023-07-09`	3 months	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
adv.office-partner.de R3	`2023-05-01` - `2023-07-30`	3 months	crt.sh
*.futalis.de R3	`2023-04-17` - `2023-07-16`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-02-22` - `2023-07-13`	5 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G1	`2022-06-17` - `2023-06-18`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
*.webgains.io Amazon RSA 2048 M02	`2023-03-02` - `2023-09-21`	7 months	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh

This page contains 27 frames:

Primary Page: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
Frame ID: D7F1AEE52CDB84DFEBC1FFE6A9D93AF5
Requests: 58 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20190131/zrt_lookup.html
Frame ID: 2A8502F4FC32E625068F56BA55A47F5D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6412117467229435&output=html&adk=1812271804&adf=3025194257&lmt=1683184339&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x675_l%7C308x675_r&format=0x0&url=https%3A%2F%2Fipsnews.net%2Fbusiness%2F2022%2F01%2F30%2Flifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683184339014&bpp=10&bdt=1325&idt=320&shv=r20230502&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1844371234189&frm=20&pv=2&ga_vid=660110418.1683184339&ga_sid=1683184339&ga_hid=700711020&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44773810%2C44788441%2C44789925&oid=2&pvsid=4108554671110810&tmod=1160325905&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=381
Frame ID: 812A806EC31EBBE32765B753B9188811
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6412117467229435&output=html&h=280&adk=1859842940&adf=3401909798&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1683184339&rafmt=1&to=qs&pwprc=2587445467&format=1200x280&url=https%3A%2F%2Fipsnews.net%2Fbusiness%2F2022%2F01%2F30%2Flifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683184339024&bpp=3&bdt=1335&idt=380&shv=r20230502&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1844371234189&frm=20&pv=1&ga_vid=660110418.1683184339&ga_sid=1683184339&ga_hid=700711020&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44773810%2C44788441%2C44789925&oid=2&pvsid=4108554671110810&tmod=1160325905&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6bpsYG0he1&p=https%3A//ipsnews.net&dtd=384
Frame ID: B5DE9AF07D766AABEEA98C6D775156D4
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6412117467229435&output=html&h=600&adk=1179306731&adf=1549132715&pi=t.aa~a.1596287903~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1683184341&rafmt=1&to=qs&pwprc=2587445467&format=300x600&url=https%3A%2F%2Fipsnews.net%2Fbusiness%2F2022%2F01%2F30%2Flifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683184341620&bpp=1&bdt=3930&idt=-M&shv=r20230502&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da8bbdb08e4147e5f-22177a8882df0083%3AT%3D1683184339%3ART%3D1683184339%3AS%3DALNI_Mb9pQXMaEMn_cMJgI7iHU5a_8nl3A&gpic=UID%3D00000bf531c999a3%3AT%3D1683184339%3ART%3D1683184339%3AS%3DALNI_MYSLwq-Q8rz9m_Dekl25fuRtR8yEA&prev_fmts=0x0%2C1200x280&nras=3&correlator=1844371234189&frm=20&pv=1&ga_vid=660110418.1683184339&ga_sid=1683184339&ga_hid=700711020&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=1786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44773810%2C44788441%2C44789925&oid=2&psts=ABHeCvjyXtovpfdjv5xUFRgOH4zwNmIyihbiQQx4kp5_8xMrbRqasMjW-z4KdfWqvCfreGPf-REdLrs-4KSrfC3UxU6YzOEb&pvsid=4108554671110810&tmod=1160325905&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=frlZhSNZM0&p=https%3A//ipsnews.net&dtd=13
Frame ID: 8C47A038EDC05B18EA9B893D4BF25801
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6412117467229435&output=html&h=240&adk=27255752&adf=1123737134&pi=t.aa~a.2004663329~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1683184341&rafmt=1&to=qs&pwprc=2587445467&format=300x240&url=https%3A%2F%2Fipsnews.net%2Fbusiness%2F2022%2F01%2F30%2Flifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683184341620&bpp=1&bdt=3931&idt=1&shv=r20230502&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da8bbdb08e4147e5f-22177a8882df0083%3AT%3D1683184339%3ART%3D1683184339%3AS%3DALNI_Mb9pQXMaEMn_cMJgI7iHU5a_8nl3A&gpic=UID%3D00000bf531c999a3%3AT%3D1683184339%3ART%3D1683184339%3AS%3DALNI_MYSLwq-Q8rz9m_Dekl25fuRtR8yEA&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=1844371234189&frm=20&pv=1&ga_vid=660110418.1683184339&ga_sid=1683184339&ga_hid=700711020&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=3951&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44773810%2C44788441%2C44789925&oid=2&psts=ABHeCvjyXtovpfdjv5xUFRgOH4zwNmIyihbiQQx4kp5_8xMrbRqasMjW-z4KdfWqvCfreGPf-REdLrs-4KSrfC3UxU6YzOEb&pvsid=4108554671110810&tmod=1160325905&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=HRz8ZltxW9&p=https%3A//ipsnews.net&dtd=38
Frame ID: 51D1B2BA815E1E09F6BB18EAD043201A
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9336A21A2609E2F8EEAF2C6B5CA558FF
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1
Frame ID: B7C05601DD58806F0E30939516143871
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1
Frame ID: EE2B0EB2E11345C4FF869B0ABFCF0439
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1
Frame ID: 0B777984314AA9331D2D369E3B7144A9
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js
Frame ID: 91773D2FE2601EC64B3E566586662408
Requests: 1 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/e6ca7bffdb571b122f7e2a992921a2d5.js?tag=client_fast_engine_2019
Frame ID: 820D24BBEE1BCD88E80300966BEC5BC4
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B1C4B3B68191EB6E47920E15F2781B2A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EA09853D1052C4BD21E7401518E7954C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js
Frame ID: 6EB5260FE74B2FC375C39871776662F7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js
Frame ID: 78FC465C69165BCA0D230F152DAB0157
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js
Frame ID: AF98DA740B3F8B110D698E4C4F50088F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js
Frame ID: F3117B6FECF8C7FDDF5B3E2CA7FE6E5C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 18C4237B5907A3BA02FF3E2C69C74720
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 040162824D59D7BFC067780E89C8BC91
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js
Frame ID: 790E09A07C5604926BBCB78A37ED3568
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 567E6B011609C8C680234FB2A352A443
Requests: 2 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2681429343
Frame ID: ABF17E1C6FD92FBD4888C6F7ADE97B3F
Requests: 2 HTTP requests in this frame

Frame: https://hal900020.redintelligence.net/request_content.php?s=69670900037134600951401012314020&a=7c62663d
Frame ID: 67CA5571830AD757B021F3FAA0508503
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: ABCEA60EE04E46E89D60E058023782E1
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: ED9C146DB15182A1A587ECBF9D54242F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 304A44B98E6C7E3CACF1B2AB149A6892
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Lifestyle Keto Reviews (Scam Alert 2022) – Shocking Side Effects Revealed Must Read Before Buy - IPS Inter Press Service BusinessLifestyle Keto Reviews (Scam Alert 2022) – Shocking Side Effects Revealed Must Read Before Buy - IPS Inter Press Service Business

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

190
Requests

94 %
HTTPS

50 %
IPv6

39
Domains

52
Subdomains

42
IPs

6
Countries

3723 kB
Transfer

6283 kB
Size

11
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://ad.style/

Search URL Search Domain Scan URL

URL: http://www.ipsnoticias.net/
Title: ESPAÑOL

Search URL Search Domain Scan URL

URL: http://www.ipsinternational.org/arabic
Title: ARABIC

Search URL Search Domain Scan URL

URL: http://www.ipsnews.net/deutsch/
Title: DEUTSCH

Search URL Search Domain Scan URL

URL: http://www.ipsnews.net/italiano/
Title: ITALIANO

Search URL Search Domain Scan URL

URL: http://ipsnews.be/
Title: NEDERLANDS

Search URL Search Domain Scan URL

URL: http://www.ipsnoticias.net/portugues/
Title: PORTUGUÊS

Search URL Search Domain Scan URL

URL: http://www.ipsnews.net/svenska/
Title: SVENSKA

Search URL Search Domain Scan URL

URL: http://twitter.com/ipsnews

Search URL Search Domain Scan URL

URL: http://facebook.com/ipsnews

Search URL Search Domain Scan URL

URL: http://www.ipsnews.net/feed/

Search URL Search Domain Scan URL

URL: http://lpost.org/go/lifestyleketo/
Title: MUST SEE: (LIMITED STOCK) Click Here to Buy Lifestyle Keto From Its Official Website

Search URL Search Domain Scan URL

URL: https://www.jpost.com/promocontent/regal-keto-reviews-scam-exposed-2022-pros-cons-side-effects-dragons-den-and-how-it-works-694636
Title: weight loss

Search URL Search Domain Scan URL

URL: https://www.jpost.com/promocontent/next-plant-cbd-gummies-reviews-scam-exposed-2022-read-pros-cons-side-effects-694275
Title: energy

Search URL Search Domain Scan URL

URL: https://www.360prwire.com/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
Title: Lifestyle Keto Reviews (Scam Alert 2022) – Shocking Side Effects Revealed Must Read Before Buy

Search URL Search Domain Scan URL

URL: https://www.360prwire.com/
Title: 360PRWire

Search URL Search Domain Scan URL

URL: https://w.ad.style/click?&d2k%3D=MjgyOA%3D%3D&aWQ%3D=MjI5NTc%3D&cHg%3D=MjAw&cG9z=MA%3D%3D&d2Jj=MQ%3D%3D&anNk=MA%3D%3D&ZW5k=MA%3D%3D&Y2Vm=MA%3D%3D&d2Vi=MA%3D%3D&Y2hy=MQ%3D%3D&YXdl=MA%3D%3D&cGhh=MA%3D%3D&bm9k=MA%3D%3D&eHVs=MA%3D%3D&cmVz=MTYwMHgxMjAw&djg%3D=MQ%3D%3D&c20%3D=MA%3D%3D&aWU%3D=MA%3D%3D&cmg%3D=MA%3D%3D&anNj=MA%3D%3D&Y2hj=MA%3D%3D&d2Jr=MA%3D%3D&Ymxu=MQ%3D%3D&bXNo=MA%3D%3D&Z2Vj=MA%3D%3D&ZWRn=MA%3D%3D&bW9i=MA%3D%3D&aWV2=MA%3D%3D&ZG1l=MQ%3D%3D&bmV3=MQ%3D%3D
Title: EILMEDUNG - Horst Lichter hat alle belogen

Search URL Search Domain Scan URL

URL: https://w.ad.style/click?&d2k%3D=MjgyOA%3D%3D&aWQ%3D=MTQ0MjY%3D&cHg%3D=MjAw&cG9z=MQ%3D%3D&d2Jj=MQ%3D%3D&anNk=MA%3D%3D&ZW5k=MA%3D%3D&Y2Vm=MA%3D%3D&d2Vi=MA%3D%3D&Y2hy=MQ%3D%3D&YXdl=MA%3D%3D&cGhh=MA%3D%3D&bm9k=MA%3D%3D&eHVs=MA%3D%3D&cmVz=MTYwMHgxMjAw&djg%3D=MQ%3D%3D&c20%3D=MA%3D%3D&aWU%3D=MA%3D%3D&cmg%3D=MA%3D%3D&anNj=MA%3D%3D&Y2hj=MA%3D%3D&d2Jr=MA%3D%3D&Ymxu=MQ%3D%3D&bXNo=MA%3D%3D&Z2Vj=MA%3D%3D&ZWRn=MA%3D%3D&bW9i=MA%3D%3D&aWV2=MA%3D%3D&ZG1l=MQ%3D%3D&bmV3=MQ%3D%3D
Title: Tragischer Unfall: Bushido verliert alles ...

Search URL Search Domain Scan URL

URL: https://w.ad.style/click?&d2k%3D=MjgyOA%3D%3D&aWQ%3D=MTAwMDI%3D&cHg%3D=MjAw&cG9z=Mg%3D%3D&d2Jj=MQ%3D%3D&anNk=MA%3D%3D&ZW5k=MA%3D%3D&Y2Vm=MA%3D%3D&d2Vi=MA%3D%3D&Y2hy=MQ%3D%3D&YXdl=MA%3D%3D&cGhh=MA%3D%3D&bm9k=MA%3D%3D&eHVs=MA%3D%3D&cmVz=MTYwMHgxMjAw&djg%3D=MQ%3D%3D&c20%3D=MA%3D%3D&aWU%3D=MA%3D%3D&cmg%3D=MA%3D%3D&anNj=MA%3D%3D&Y2hj=MA%3D%3D&d2Jr=MA%3D%3D&Ymxu=MQ%3D%3D&bXNo=MA%3D%3D&Z2Vj=MA%3D%3D&ZWRn=MA%3D%3D&bW9i=MA%3D%3D&aWV2=MA%3D%3D&ZG1l=MQ%3D%3D&bmV3=MQ%3D%3D
Title: Lena Meyer-Landrut: Satiriker Jan Böhmermann attackiert ...

Search URL Search Domain Scan URL

URL: https://w.ad.style/click?&d2k%3D=MjgyOA%3D%3D&aWQ%3D=MTE0NTE%3D&cHg%3D=MjAw&cG9z=Mw%3D%3D&d2Jj=MQ%3D%3D&anNk=MA%3D%3D&ZW5k=MA%3D%3D&Y2Vm=MA%3D%3D&d2Vi=MA%3D%3D&Y2hy=MQ%3D%3D&YXdl=MA%3D%3D&cGhh=MA%3D%3D&bm9k=MA%3D%3D&eHVs=MA%3D%3D&cmVz=MTYwMHgxMjAw&djg%3D=MQ%3D%3D&c20%3D=MA%3D%3D&aWU%3D=MA%3D%3D&cmg%3D=MA%3D%3D&anNj=MA%3D%3D&Y2hj=MA%3D%3D&d2Jr=MA%3D%3D&Ymxu=MQ%3D%3D&bXNo=MA%3D%3D&Z2Vj=MA%3D%3D&ZWRn=MA%3D%3D&bW9i=MA%3D%3D&aWV2=MA%3D%3D&ZG1l=MQ%3D%3D&bmV3=MQ%3D%3D
Title: Robert Geiss in Saint Tropez verhaftet

Search URL Search Domain Scan URL

URL: http://www.ipsnews.net/contact-us/
Title: Contact Us

Search URL Search Domain Scan URL

URL: http://www.ipsnews.net/about-us/
Title: About Us

Search URL Search Domain Scan URL

URL: http://www.ipsnews.net/our-team/
Title: Our Team

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 116

https://redirector.gvt1.com/videoplayback?id=8ac3975dce9a124e&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1683191541&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=5B05B672E10E59C5A95E9372CC3F106BAD42D8E2.3EE1D67C818216EFBAB240FF2218B2DDC88C1181&key=ck2 HTTP 302
https://r4---sn-5hne6ns6.gvt1.com/videoplayback?id=8ac3975dce9a124e&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1683191541&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=04BDAF3AE696F28CE8B22D32CF1004EA363CAB0F.433784F0E7A6AED4A38CA482DCC9FB012E15F235&key=cms1&cms_redirect=yes&mh=pQ&mip=2a03:1b20:6:f011::6e&mm=28&mn=sn-5hne6ns6&ms=nvh&mt=1683184002&mv=u&mvi=4&pl=48

Request Chain 117

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 122

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 152

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 154

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEHYYtwTSMy7kQ0cuagPkRUI&google_cver=1&google_push=ATf1kGMiKlAIYKhaLP3NB3Gfsn-oRSUJJhaEKX-_WoboTAZO5Fi61h4wH0As9bTDjwNf6r5xm-OUa_D02aKiSDhFFRTHXtRq2s3SrXo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHYYtwTSMy7kQ0cuagPkRUI&google_push=ATf1kGMiKlAIYKhaLP3NB3Gfsn-oRSUJJhaEKX-_WoboTAZO5Fi61h4wH0As9bTDjwNf6r5xm-OUa_D02aKiSDhFFRTHXtRq2s3SrXo

Request Chain 155

https://um.simpli.fi/gp_match?google_gid=CAESEJuuWQ62U1mKHQ6U27BtrUA&google_cver=1&google_push=ATf1kGMd5gYvy3Vi5AsbILhSoTZi9xYEuCg2258sPoUOdydXU7pMnhhcufr6oAi6TxWgGw-U0TMiyDBVtuj4XeBx0FbqKnSoWC3a7Gw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=17A8047F59E64A899C6CE336ECB67BC9&google_push=ATf1kGMd5gYvy3Vi5AsbILhSoTZi9xYEuCg2258sPoUOdydXU7pMnhhcufr6oAi6TxWgGw-U0TMiyDBVtuj4XeBx0FbqKnSoWC3a7Gw

Request Chain 156

https://ads.travelaudience.com/google_pixel?google_gid=CAESECOoeElb_Y3ePa5_XThRgk8&google_cver=1&google_push=ATf1kGMsd6zEZgmHtx7dNal_7Imhqw90VFweCmCvFJYQ7TiLpyXSpYOgQX-OZQEKqnFpcxqcNvRVJqUw1_3e0bDREQzUVrSH9ZVJehE HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=GAYqC4n2T0u8q4hMMz2g3w2&google_push=ATf1kGMsd6zEZgmHtx7dNal_7Imhqw90VFweCmCvFJYQ7TiLpyXSpYOgQX-OZQEKqnFpcxqcNvRVJqUw1_3e0bDREQzUVrSH9ZVJehE

Request Chain 157

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEN__sjBXOA0ZLQONgSdYM-M&google_cver=1&google_push=ATf1kGPubINbV7hMLeIF3Sti9TkpN0OrTur4a-YROJtdthUPJ3GTv8nu0ARwZh5dJ1rBPoWU2ySrOyLUg_CTt4i-iPhQ6nz-GwJ6jL8 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEN__sjBXOA0ZLQONgSdYM-M&google_cver=1&google_push=ATf1kGPubINbV7hMLeIF3Sti9TkpN0OrTur4a-YROJtdthUPJ3GTv8nu0ARwZh5dJ1rBPoWU2ySrOyLUg_CTt4i-iPhQ6nz-GwJ6jL8

Request Chain 158

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIRIRl9Di7FeTEeWzCOGcKY&google_cver=1&google_push=ATf1kGOwCq1xhieop3DUer7fwAEhTBTxRNvFF6VcIfoUz9AJjHtJY8qixzNsRUd40MtR5eKpyKwYvD7l7pIr-XegKnR0GhZW_xbUIdg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOwCq1xhieop3DUer7fwAEhTBTxRNvFF6VcIfoUz9AJjHtJY8qixzNsRUd40MtR5eKpyKwYvD7l7pIr-XegKnR0GhZW_xbUIdg&google_hm=eS1xaWRhaHhSRTJwR1BuWmFGYTJkNnhicU9LY2pxcS40U35B

Request Chain 159

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESED06xrvehr6n0M8f6aP4hXU&google_cver=1&google_push=ATf1kGNALPo6B0_qdinft26fISZxMRy8jWB2nyfgsDazLhmXt8_6yMz_DFQBJgjvzxed8j5eM3PkMVQzwCZVYe8Rs-G5e3vF9nJwWnQ HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESED06xrvehr6n0M8f6aP4hXU&google_cver=1&google_push=ATf1kGNALPo6B0_qdinft26fISZxMRy8jWB2nyfgsDazLhmXt8_6yMz_DFQBJgjvzxed8j5eM3PkMVQzwCZVYe8Rs-G5e3vF9nJwWnQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODg4NDk0MTE0ODY0NTg0MDE0NA&google_push=ATf1kGNALPo6B0_qdinft26fISZxMRy8jWB2nyfgsDazLhmXt8_6yMz_DFQBJgjvzxed8j5eM3PkMVQzwCZVYe8Rs-G5e3vF9nJwWnQ

Request Chain 163

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=69670900037134600951401012314020&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2681429343

Request Chain 176

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDuSpfPsJqAJ3y0PUckU8XY&google_cver=1&google_push=ATf1kGPMUzXT1PJrLN80pgE7VHFoF2h-8RUXCtlmPs81qXbhkkRUiLImm-9S2JorStLrqL8TxJCpsaAnE2OSvdRFN-mxmlSXEmrT2lK27Y6-znn1iOwIDj04pkjhc8CJ4GZYxZnZPigLVecvIYs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjg4MTU1ODc3Mjc0OTQ2Mjc2Mw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDuSpfPsJqAJ3y0PUckU8XY&google_cver=1

Request Chain 178

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDxCY6gDMLm_tyAORV70t_U&google_cver=1&google_push=ATf1kGMn39seRGVeLKaFCtIyg2O03SGg_Ug6OgmOw6ENwh4gg7wcpxRXiGmxxrj5EWS_VQm0R3tVymU16fFsbRTvJukFb2DgQx3UbuqOsqWPgcgk6o39gufGTHBjtIb23qT8tvTREOaV48fmmQ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDxCY6gDMLm_tyAORV70t_U&google_cver=1&google_push=ATf1kGMn39seRGVeLKaFCtIyg2O03SGg_Ug6OgmOw6ENwh4gg7wcpxRXiGmxxrj5EWS_VQm0R3tVymU16fFsbRTvJukFb2DgQx3UbuqOsqWPgcgk6o39gufGTHBjtIb23qT8tvTREOaV48fmmQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MGZYS0RSdEsxUFV0OEE1&google_gid=CAESEDxCY6gDMLm_tyAORV70t_U&google_cver=1&google_push=ATf1kGMn39seRGVeLKaFCtIyg2O03SGg_Ug6OgmOw6ENwh4gg7wcpxRXiGmxxrj5EWS_VQm0R3tVymU16fFsbRTvJukFb2DgQx3UbuqOsqWPgcgk6o39gufGTHBjtIb23qT8tvTREOaV48fmmQ

Request Chain 179

https://ads.travelaudience.com/google_pixel?google_gid=CAESECOoeElb_Y3ePa5_XThRgk8&google_cver=1&google_push=ATf1kGNmPcQxTSDVkR1agbzECl9hYiXJ02itXz-POGIXvfi1B1Ih_pi8bABy35Iu16iExSwNXDjaJ2SiY8P-Poewz4E8Dk-VmwCqUg5orLz7wrIMmaEhh8u82PU0wlczuV0y44scWABWF4mVEvM HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=GAYqC4n2T0u8q4hMMz2g3w2&google_push=ATf1kGNmPcQxTSDVkR1agbzECl9hYiXJ02itXz-POGIXvfi1B1Ih_pi8bABy35Iu16iExSwNXDjaJ2SiY8P-Poewz4E8Dk-VmwCqUg5orLz7wrIMmaEhh8u82PU0wlczuV0y44scWABWF4mVEvM

Request Chain 181

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECA_6HpIklTzjeU-cHB6MFo&google_cver=1&google_push=ATf1kGNbYkS-73zYKaPBimpIG3mAwi0RgZ67PUB5ZsJv_Jrk_TOL6QeJWzvSHvb1rrsbAFJ6WF5RkwcPDxF_2ieIYYCG6jqOQXMtTHxCFfnbu3DrS0esd5WCTqjHgH9Bo_rxSTTWNs3Rq5e9ZxM HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECA_6HpIklTzjeU-cHB6MFo&google_cver=1&google_push=ATf1kGNbYkS-73zYKaPBimpIG3mAwi0RgZ67PUB5ZsJv_Jrk_TOL6QeJWzvSHvb1rrsbAFJ6WF5RkwcPDxF_2ieIYYCG6jqOQXMtTHxCFfnbu3DrS0esd5WCTqjHgH9Bo_rxSTTWNs3Rq5e9ZxM&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qdX1cnkeRZiQvTlh-Loi4w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGNbYkS-73zYKaPBimpIG3mAwi0RgZ67PUB5ZsJv_Jrk_TOL6QeJWzvSHvb1rrsbAFJ6WF5RkwcPDxF_2ieIYYCG6jqOQXMtTHxCFfnbu3DrS0esd5WCTqjHgH9Bo_rxSTTWNs3Rq5e9ZxM

Request Chain 182

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELBmmyLq_Dx1yeDsOSdq4e4&google_cver=1&google_push=ATf1kGPtlPzOdtUHhnetz5Rc_WkrRqzPjvD8rZ0KitQBxl-K4uKUGFuQMmtmuv70L1FqMsec2BVHjm8WyRBYWbokbSoyBF8y1zx7Be0Es8ceqEc0DOENgTi9TfqOvqj6rbA-eD319P5n7yHFEw HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELBmmyLq_Dx1yeDsOSdq4e4&google_push=ATf1kGPtlPzOdtUHhnetz5Rc_WkrRqzPjvD8rZ0KitQBxl-K4uKUGFuQMmtmuv70L1FqMsec2BVHjm8WyRBYWbokbSoyBF8y1zx7Be0Es8ceqEc0DOENgTi9TfqOvqj6rbA-eD319P5n7yHFEw&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELBmmyLq_Dx1yeDsOSdq4e4&google_hm=ZFNa2AVT3HdfVVNGRVLZ6AAADRQAAAAB&google_nid=index&google_push=ATf1kGPtlPzOdtUHhnetz5Rc_WkrRqzPjvD8rZ0KitQBxl-K4uKUGFuQMmtmuv70L1FqMsec2BVHjm8WyRBYWbokbSoyBF8y1zx7Be0Es8ceqEc0DOENgTi9TfqOvqj6rbA-eD319P5n7yHFEw

190 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/ 51 KB
51 KB 1025ms
771ms Document
text/html 67.43.4.144
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.43.4.144 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.ipsnews.net
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9 / PHP/5.6.40
Resource Hash: a4272ee01791ab826c62f9e7aa70f5ed9aa7d3213da70c041e9c09db8b854e39

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 04 May 2023 07:12:16 GMT
Keep-Alive: timeout=5, max=200
Link: <https://ipsnews.net/business/wp-json/>; rel="https://api.w.org/", <https://ipsnews.net/business/wp-json/wp/v2/posts/217680>; rel="alternate"; type="application/json", <https://ipsnews.net/business/?p=217680>; rel=shortlink
Server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9
Transfer-Encoding: chunked
X-Powered-By: PHP/5.6.40

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
ipsnews.net/business/wp-includes/js/ 18 KB
18 KB 584ms
114ms Script
application/javascript 67.43.4.144
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://ipsnews.net/business/wp-includes/js/wp-emoji-release.min.js?ver=5.9.5
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.43.4.144 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.ipsnews.net
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Thu, 04 May 2023 07:12:18 GMT
Last-Modified: Wed, 26 Jan 2022 13:33:21 GMT
Server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9
Content-Type: application/javascript
Cache-Control: max-age=10368000
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=197
Content-Length: 18181
Expires: max-age=A10368000, public

GET
H/1.1 200
OK style.min.css
ipsnews.net/business/wp-includes/css/dist/block-library/ 81 KB
82 KB 132ms
113ms Stylesheet
text/css 67.43.4.144
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://ipsnews.net/business/wp-includes/css/dist/block-library/style.min.css?ver=5.9.5
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.43.4.144 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.ipsnews.net
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash: cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Thu, 04 May 2023 07:12:17 GMT
Last-Modified: Wed, 06 Apr 2022 04:59:53 GMT
Server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9
Content-Type: text/css
Cache-Control: max-age=10368000
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=199
Content-Length: 83419
Expires: max-age=A10368000, public

GET
H2 200 css
fonts.googleapis.com/ 5 KB
999 B 125ms
45ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700&ver=5.9.5

Requested by

Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9cc93f2fe3f1d4abf31d279d40f57ee969b1ce84cb99bc346cba4d81af28e8ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ipsnews.net/
Origin: https://ipsnews.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 04 May 2023 07:12:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 04 May 2023 06:21:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 May 2023 07:12:17 GMT

GET
H/1.1 200
OK athemes-symbols.css
ipsnews.net/business/wp-content/themes/fashionistas/css/ 2 KB
3 KB 334ms
113ms Stylesheet
text/css 67.43.4.144
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://ipsnews.net/business/wp-content/themes/fashionistas/css/athemes-symbols.css?ver=5.9.5
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.43.4.144 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.ipsnews.net
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash: 05ae69a564e36859e369678d38487fce694d028307f0c8005094d52167299bf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Thu, 04 May 2023 07:12:18 GMT
Last-Modified: Thu, 02 May 2019 14:00:52 GMT
Server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9
Content-Type: text/css
Cache-Control: max-age=10368000
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=200
Content-Length: 2474
Expires: max-age=A10368000, public

GET
H/1.1 200
OK bootstrap.min.css
ipsnews.net/business/wp-content/themes/fashionistas/css/ 104 KB
104 KB 341ms
115ms Stylesheet
text/css 67.43.4.144
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://ipsnews.net/business/wp-content/themes/fashionistas/css/bootstrap.min.css?ver=5.9.5
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.43.4.144 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.ipsnews.net
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash: 186c40d06fc13830497a7b9f42bc14538c1b7fa0b98560c7911e6e1a935f769d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Thu, 04 May 2023 07:12:18 GMT
Last-Modified: Thu, 02 May 2019 14:00:52 GMT
Server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9
Content-Type: text/css
Cache-Control: max-age=10368000
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=200
Content-Length: 106015
Expires: max-age=A10368000, public

GET
H/1.1 200
OK style.css
ipsnews.net/business/wp-content/themes/fashionistas/ 26 KB
26 KB 344ms
116ms Stylesheet
text/css 67.43.4.144
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://ipsnews.net/business/wp-content/themes/fashionistas/style.css?ver=5.9.5
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.43.4.144 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.ipsnews.net
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash: 2ba1f5e940f91cda0982499c2a45bae9a7b1f467d3080602cd4cfa788cc9ab23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Thu, 04 May 2023 07:12:18 GMT
Last-Modified: Thu, 19 Nov 2020 13:09:17 GMT
Server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9
Content-Type: text/css
Cache-Control: max-age=10368000
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=200
Content-Length: 26452
Expires: max-age=A10368000, public

GET
H/1.1 200
OK medianetAdInjector.js Show response
ipsnews.net/business/wp-content/plugins/media-net-ads-manager/js/ 562 B
963 B 344ms
115ms Script
application/javascript 67.43.4.144
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://ipsnews.net/business/wp-content/plugins/media-net-ads-manager/js/medianetAdInjector.js?ver=2.10.13
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.43.4.144 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.ipsnews.net
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash: 37d925559381e9d5388c4a096fe1383570546b7b11548d7d6a7e560adcc24e5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Thu, 04 May 2023 07:12:18 GMT
Last-Modified: Wed, 26 Jan 2022 13:34:12 GMT
Server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9
Content-Type: application/javascript
Cache-Control: max-age=10368000
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=200
Content-Length: 562
Expires: max-age=A10368000, public

GET
H/1.1 200
OK jquery.min.js Show response
ipsnews.net/business/wp-includes/js/jquery/ 87 KB
88 KB 361ms
121ms Script
application/javascript 67.43.4.144
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://ipsnews.net/business/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.43.4.144 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.ipsnews.net
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Thu, 04 May 2023 07:12:18 GMT
Last-Modified: Wed, 26 Jan 2022 13:33:22 GMT
Server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9
Content-Type: application/javascript
Cache-Control: max-age=10368000
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=200
Content-Length: 89521
Expires: max-age=A10368000, public

GET
H/1.1 200
OK jquery-migrate.min.js Show response
ipsnews.net/business/wp-includes/js/jquery/ 11 KB
11 KB 447ms
114ms Script
application/javascript 67.43.4.144
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://ipsnews.net/business/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.43.4.144 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.ipsnews.net
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Thu, 04 May 2023 07:12:18 GMT
Last-Modified: Wed, 26 Jan 2022 13:33:22 GMT
Server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9
Content-Type: application/javascript
Cache-Control: max-age=10368000
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=199
Content-Length: 11224
Expires: max-age=A10368000, public

GET
H/1.1 200
OK bootstrap.min.js Show response
ipsnews.net/business/wp-content/themes/fashionistas/js/ 28 KB
28 KB 459ms
116ms Script
application/javascript 67.43.4.144
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://ipsnews.net/business/wp-content/themes/fashionistas/js/bootstrap.min.js?ver=5.9.5
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.43.4.144 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.ipsnews.net
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash: b260d056edb6c39eeeed00ffc7bccded9160bb9c1f03c62d77a99181ae88a08b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Thu, 04 May 2023 07:12:18 GMT
Last-Modified: Thu, 02 May 2019 14:00:52 GMT
Server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9
Content-Type: application/javascript
Cache-Control: max-age=10368000
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=199
Content-Length: 28631
Expires: max-age=A10368000, public

GET
H/1.1 200
OK hoverIntent.js Show response
ipsnews.net/business/wp-content/themes/fashionistas/js/ 5 KB
5 KB 465ms
113ms Script
application/javascript 67.43.4.144
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://ipsnews.net/business/wp-content/themes/fashionistas/js/hoverIntent.js?ver=5.9.5
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.43.4.144 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.ipsnews.net
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash: 740cb53532e536c1c7a90cbb037a9a002d2126b34bed1d6d3722b52d2bfe11b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Thu, 04 May 2023 07:12:18 GMT
Last-Modified: Thu, 02 May 2019 14:00:52 GMT
Server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9
Content-Type: application/javascript
Cache-Control: max-age=10368000
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=198
Content-Length: 4938
Expires: max-age=A10368000, public

GET
H/1.1 200
OK superfish.js Show response
ipsnews.net/business/wp-content/themes/fashionistas/js/ 7 KB
8 KB 561ms
113ms Script
application/javascript 67.43.4.144
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://ipsnews.net/business/wp-content/themes/fashionistas/js/superfish.js?ver=5.9.5
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.43.4.144 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.ipsnews.net
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash: db5d34266f8c9536b72268057df2c6b249ab732eaa471579b19df531704b9450

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Thu, 04 May 2023 07:12:18 GMT
Last-Modified: Thu, 02 May 2019 14:00:52 GMT
Server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9
Content-Type: application/javascript
Cache-Control: max-age=10368000
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=198
Content-Length: 7481
Expires: max-age=A10368000, public

GET
H/1.1 200
OK settings.js Show response
ipsnews.net/business/wp-content/themes/fashionistas/js/ 174 B
575 B 575ms
117ms Script
application/javascript 67.43.4.144
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://ipsnews.net/business/wp-content/themes/fashionistas/js/settings.js?ver=5.9.5
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.43.4.144 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.ipsnews.net
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash: cdc2d5f13b61543ed19e2b453894fbcc857f171ca074ddb7bff40b6ad4d8ea0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Thu, 04 May 2023 07:12:18 GMT
Last-Modified: Thu, 02 May 2019 14:00:52 GMT
Server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9
Content-Type: application/javascript
Cache-Control: max-age=10368000
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=199
Content-Length: 174
Expires: max-age=A10368000, public

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 115 KB
45 KB 145ms
51ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-361073-1

Requested by

Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d5bebd44ed8d8825bbcb5d4a7df292b3a5db678cf7ebdf87504152410c1df7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 07:12:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45740
x-xss-protection: 0
last-modified: Thu, 04 May 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 May 2023 07:12:18 GMT

GET
H2 200 dmedianet.js Show response
contextual.media.net/ 368 B
551 B 65ms
19ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/dmedianet.js?cid=8CU3E02MG

Requested by

Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

f622ffe277936d272b6550fdc08ff27b9a3d6def08d334662c102e1b0a0b9021

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-mnt-h: 21-76z2
strict-transport-security: max-age=31536000
date: Thu, 04 May 2023 07:12:18 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
content-length: 368
expires: Thu, 04 May 2023 07:17:18 GMT

GET
H2 404 tria.png
ipsnoticias.net/wp-content/themes/ips-spa/images/ 0
0 2110ms
1098ms Image
text/html 179.43.113.26
Dattatec.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipsnoticias.net/wp-content/themes/ips-spa/images/tria.png
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 179.43.113.26 Rosario, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS: sd-1919030-l.dattaweb.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

GET
H/1.1 200
OK social-tw.png
ipsnews.net/wp-content/themes/ipsnews/images/ 1 KB
2 KB 118ms
117ms Image
image/png 67.43.4.144
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipsnews.net/wp-content/themes/ipsnews/images/social-tw.png
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.43.4.144 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.ipsnews.net
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash: 6f782c13509bdd9c6786af7b42d09e54aee58f59244d04ceb478793805bc6bd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Thu, 04 May 2023 07:12:18 GMT
Last-Modified: Sun, 05 Jan 2014 16:37:57 GMT
Server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9
Content-Type: image/png
Cache-Control: max-age=10368000
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=199
Content-Length: 1233
Expires: max-age=A10368000, public

GET
H/1.1 200
OK social-fb.png
ipsnews.net/wp-content/themes/ipsnews/images/ 1 KB
1 KB 125ms
123ms Image
image/png 67.43.4.144
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipsnews.net/wp-content/themes/ipsnews/images/social-fb.png
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.43.4.144 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.ipsnews.net
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash: e423e7e6b9e3e8ee687307722bff9b8998886d106f8d951f116f1bac5eef85af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Thu, 04 May 2023 07:12:18 GMT
Last-Modified: Sun, 05 Jan 2014 16:37:54 GMT
Server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9
Content-Type: image/png
Cache-Control: max-age=10368000
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=199
Content-Length: 1097
Expires: max-age=A10368000, public

GET
H/1.1 200
OK feed.png
ipsnews.net/wp-content/themes/ipsnews/images/ 1 KB
2 KB 116ms
114ms Image
image/png 67.43.4.144
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipsnews.net/wp-content/themes/ipsnews/images/feed.png
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.43.4.144 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.ipsnews.net
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash: c4b061664ceb42372c8cfc5af699a6b2a81a698115b41ea72c0b1a70419954eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Thu, 04 May 2023 07:12:18 GMT
Last-Modified: Sun, 05 Jan 2014 16:37:09 GMT
Server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9
Content-Type: image/png
Cache-Control: max-age=10368000
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=196
Content-Length: 1354
Expires: max-age=A10368000, public

GET
H/1.1 200
OK logo-IPS.png
ipsnews.net/business/wp-content/uploads/2020/11/ 6 KB
7 KB 119ms
118ms Image
image/png 67.43.4.144
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipsnews.net/business/wp-content/uploads/2020/11/logo-IPS.png
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.43.4.144 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.ipsnews.net
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash: bab73ae419115b088718ddb96163e9d3020362ecc8d140cf357dbcccb72969d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Thu, 04 May 2023 07:12:18 GMT
Last-Modified: Mon, 16 Nov 2020 22:57:06 GMT
Server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9
Content-Type: image/png
Cache-Control: max-age=10368000
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=198
Content-Length: 6621
Expires: max-age=A10368000, public

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 140 KB
47 KB 210ms
88ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6412117467229435

Requested by

Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6abceb576339b60860664e2e347eea09fb9720bf664f28d6cbe24bc66a780b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ipsnews.net/
Origin: https://ipsnews.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 07:12:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47490
x-xss-protection: 0
server: cafe
etag: 9439909769470536254
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 04 May 2023 07:12:18 GMT

GET
H2 200 aslogo.svg
w.ad.style/img/ 5 KB
5 KB 33ms
7ms Image
image/svg+xml 164.92.205.110
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ad.style/img/aslogo.svg
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 164.92.205.110 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0ead49ad1520351760f2ec83f11a4c74bc9195507839d0424f57d93c46108a30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 07:12:18 GMT
last-modified: Sun, 23 Oct 2022 10:54:44 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "63551d74-12ca"
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4810
expires: Fri, 03 May 2024 07:12:18 GMT

GET
H2 200 native.js Show response
widgets.ad.style/ 98 KB
98 KB 32ms
6ms Script
application/javascript 164.90.191.120
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.ad.style/native.js
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 164.90.191.120 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3cc1556284035fb8bfcc68cd78e1aaa8d579bd15adb220b9b1d7a49e77f1ea3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 07:12:18 GMT
last-modified: Wed, 19 Apr 2023 09:09:38 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "643fafd2-1888c"
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 100492
expires: Thu, 11 May 2023 07:12:18 GMT

GET
H/1.1 200
OK header-bg.png
ipsnews.net/svenska/wp-content/uploads/2020/11/ 7 KB
7 KB 113ms
113ms Image
image/png 67.43.4.144
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipsnews.net/svenska/wp-content/uploads/2020/11/header-bg.png
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.43.4.144 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.ipsnews.net
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash: 8fa341d3a7ec203a98bf18581f1a15b31b9921cdeb0b520dfb57e0af6ac0ac84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Thu, 04 May 2023 07:12:18 GMT
Last-Modified: Mon, 16 Nov 2020 20:50:03 GMT
Server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9
Content-Type: image/png
Cache-Control: max-age=10368000
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=197
Content-Length: 6793
Expires: max-age=A10368000, public

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v49/ 25 KB
25 KB 130ms
39ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700&ver=5.9.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ipsnews.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 22:13:59 GMT
x-content-type-options: nosniff
age: 377899
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25372
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 22:13:59 GMT

GET
H/1.1 200
OK afonts.woff
ipsnews.net/business/wp-content/themes/fashionistas/fonts/ 6 KB
6 KB 115ms
115ms Font
font/woff 67.43.4.144
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://ipsnews.net/business/wp-content/themes/fashionistas/fonts/afonts.woff?94519643
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/wp-content/themes/fashionistas/css/athemes-symbols.css?ver=5.9.5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.43.4.144 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.ipsnews.net
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash: a66979b4409926b6924397ba18c5f9aae035c63afd3540beca4d343dee2750e3

Request headers

Referer: https://ipsnews.net/business/wp-content/themes/fashionistas/css/athemes-symbols.css?ver=5.9.5
Origin: https://ipsnews.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Thu, 04 May 2023 07:12:18 GMT
Last-Modified: Thu, 02 May 2019 14:00:52 GMT
Server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9
Content-Type: font/woff
Cache-Control: max-age=0
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=198
Content-Length: 6264
Expires: max-age=A10368000, public

GET
H2 200 bbf63649973a1e5905ca351aa27216d2
secure.gravatar.com/avatar/ 1 KB
2 KB 34ms
6ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/bbf63649973a1e5905ca351aa27216d2?s=75&d=mm&r=g
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0f29d312a830dea6ad2986e35f3215fbe5f6386ab8f12158f7c923d874c2f21d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Thu, 04 May 2023 07:12:18 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="bbf63649973a1e5905ca351aa27216d2.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/bbf63649973a1e5905ca351aa27216d2?s=75&d=mm&r=g>; rel="canonical"
content-length: 1340
expires: Thu, 04 May 2023 07:17:18 GMT

GET
H/1.1 200
OK flping.php
lg3.media.net/ 35 B
338 B 54ms
7ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/flping.php?reason=0&action=16&pid=8PO189A13&gdpr=1&cid=8CU3E02MG&crid=

Requested by

Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-228-23.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=21600
Date: Thu, 04 May 2023 07:12:18 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Thu, 04 May 2023 07:12:18 GMT

GET
H2 200 get Show response
w.ad.style/ 2 KB
962 B 15ms
14ms XHR
application/json 164.92.205.110
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ad.style/get?wi=2828&s=direct
Requested by: Host: widgets.ad.style
URL: https://widgets.ad.style/native.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 164.92.205.110 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: b776fc4bee1d97ce5864249f18ed850b4fbf8425e84007a1e380f731feffe8ae

Request headers

asloc: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
Referer: https://ipsnews.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 04 May 2023 07:12:18 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
x-powered-by: Express
etag: W/"778-8JPDC0mAXJQqWMpbQZnTyP6fF/o"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ipsnews.net
access-control-allow-credentials: true

OPTIONS
H2 204 get
w.ad.style/ Frame 0
0 23ms
8ms Preflight 164.92.205.110
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ad.style/get?wi=2828&s=direct
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 164.92.205.110 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: asloc
Access-Control-Request-Method: GET
Origin: https://ipsnews.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: asloc
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://ipsnews.net
date: Thu, 04 May 2023 07:12:18 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Origin, Access-Control-Request-Headers
x-powered-by: Express

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 116ms
35ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-361073-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 04 May 2023 06:35:44 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 2194
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Thu, 04 May 2023 08:35:44 GMT

GET
H/1.1 200
OK i.gif
pubtagmanager.com/ 35 B
287 B 64ms
16ms Image
image/gif 108.61.221.118
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubtagmanager.com/i.gif
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 108.61.221.118 City of London, United Kingdom, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 108.61.221.118.vultrusercontent.com
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Thu, 04 May 2023 07:12:18 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
Transfer-Encoding: chunked
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 /
w.ad.style/image/ 35 KB
36 KB 7ms
6ms Image
image/jpeg 164.92.205.110
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ad.style/image/?w=360&h=240&url=http%3A%2F%2Fimages.ad.style%2Facba3e487aca767b4fee3c111.jpg
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 164.92.205.110 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: be9fee89022dacd9a09fe5f1403e04325e39c7700d3de6c9e50a4adaf35bb4e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 07:12:18 GMT
last-modified: Thu, 27 Apr 2023 18:23:44 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "644abdb0-8d3d"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 36157
expires: Fri, 03 May 2024 07:12:18 GMT

GET
H2 200 /
w.ad.style/image/ 44 KB
44 KB 15ms
14ms Image
image/jpeg 164.92.205.110
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ad.style/image/?w=360&h=240&url=http%3A%2F%2Fimages.ad.style%2Fec3b5de02b354b85f813642a3.jpg
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 164.92.205.110 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 51d64b32ffc997d6e6e3be547059c4601961d77763b38604b8c8f28d46226000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 07:12:18 GMT
last-modified: Sun, 30 Apr 2023 17:40:42 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "644ea81a-b113"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 45331
expires: Fri, 03 May 2024 07:12:18 GMT

GET
H2 200 /
w.ad.style/image/ 29 KB
30 KB 21ms
20ms Image
image/jpeg 164.92.205.110
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ad.style/image/?w=360&h=240&url=http%3A%2F%2Fimages.ad.style%2Fcdabe130a173d0e240a9af112.jpg
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 164.92.205.110 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e76dc6d163917f941c6e4bd3d434b50f7ece336f4f85ccc786c313dd789caaa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 07:12:18 GMT
last-modified: Thu, 27 Apr 2023 20:39:27 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "644add7f-7596"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 30102
expires: Fri, 03 May 2024 07:12:18 GMT

GET
H2 200 /
w.ad.style/image/ 47 KB
47 KB 21ms
21ms Image
image/jpeg 164.92.205.110
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ad.style/image/?w=360&h=240&url=http%3A%2F%2Fimages.ad.style%2F6c125d17124da36d4f74a805c.jpg
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 164.92.205.110 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b514b843573200e2420a7c32673e03dfc0a9c396028e1d0d370c5f76b81823cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 07:12:18 GMT
last-modified: Sun, 30 Apr 2023 07:00:06 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "644e11f6-bc49"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 48201
expires: Fri, 03 May 2024 07:12:18 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/ 354 KB
119 KB 193ms
115ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6412117467229435&plah=ipsnews.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6412117467229435

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4910f150909d967a7a390bc19944be3c3c736f139269a0308c5abc0196191bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 07:12:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122071
x-xss-protection: 0
server: cafe
etag: 7374266090883583392
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 04 May 2023 07:12:19 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230502/r20190131/ Frame 2A85 10 KB
5 KB 114ms
35ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230502/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6412117467229435

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ipsnews.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 26412
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 23:52:07 GMT
etag: 15057649708203361565
expires: Wed, 17 May 2023 23:52:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
204 B 43ms
42ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=700711020&t=pageview&_s=1&dl=https%3A%2F%2Fipsnews.net%2Fbusiness%2F2022%2F01%2F30%2Flifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy%2F&ul=en-us&de=UTF-8&dt=Lifestyle%20Keto%20Reviews%20(Scam%20Alert%202022)%20%E2%80%93%20Shocking%20Side%20Effects%20Revealed%20Must%20Read%20Before%20Buy%20-%20IPS%20Inter%20Press%20Service%20Business&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=746343535&gjid=1899584744&cid=660110418.1683184339&tid=UA-361073-1&_gid=955528734.1683184339&_r=1&gtm=457e3510&jsscut=1&z=1883402407

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ipsnews.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 May 2023 07:12:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ipsnews.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
71 B 43ms
43ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=700711020&t=pageview&_s=1&dl=https%3A%2F%2Fipsnews.net%2Fbusiness%2F2022%2F01%2F30%2Flifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy%2F&dp=ipsnews.net&ul=en-us&de=UTF-8&dt=Lifestyle%20Keto%20Reviews%20(Scam%20Alert%202022)%20%E2%80%93%20Shocking%20Side%20Effects%20Revealed%20Must%20Read%20Before%20Buy%20-%20IPS%20Inter%20Press%20Service%20Business&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=1001008008&gjid=945308830&cid=660110418.1683184339&tid=UA-88489310-1&_gid=955528734.1683184339&_r=1&_slc=1&z=1943724747

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ipsnews.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 May 2023 07:12:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ipsnews.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
346 B 56ms
18ms XHR
text/plain 2a00:1450:400c:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-361073-1&cid=660110418.1683184339&jid=746343535&gjid=1899584744&_gid=955528734.1683184339&_u=YEBAAUAAAAAAACAAI~&z=863371996

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ipsnews.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 04 May 2023 07:12:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ipsnews.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
69 B 54ms
19ms XHR
text/plain 2a00:1450:400c:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-88489310-1&cid=660110418.1683184339&jid=1001008008&gjid=945308830&_gid=955528734.1683184339&_u=YEDAAUABAAAAACAAI~&z=232692764

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ipsnews.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 04 May 2023 07:12:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ipsnews.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 148ms
58ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-361073-1&cid=660110418.1683184339&jid=746343535&_u=YEBAAUAAAAAAACAAI~&z=1290769949

Requested by

Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 May 2023 07:12:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 153ms
60ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-361073-1&cid=660110418.1683184339&jid=746343535&_u=YEBAAUAAAAAAACAAI~&z=1290769949

Requested by

Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 May 2023 07:12:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
601 B 124ms
43ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ipsnews.net&callback=_gfp_s_&client=ca-pub-6412117467229435

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6412117467229435&plah=ipsnews.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

300ceb0202f271c89892a3237e8b075b201c15e0caef984ad5f93ee69feb1148

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 07:12:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 166ms
45ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ipsnews.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 07:12:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 159ms
47ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ipsnews.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 07:12:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 812A 542 KB
104 KB 1727ms
1726ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6412117467229435&output=html&adk=1812271804&adf=3025194257&lmt=1683184339&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x675_l%7C308x675_r&format=0x0&url=https%3A%2F%2Fipsnews.net%2Fbusiness%2F2022%2F01%2F30%2Flifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683184339014&bpp=10&bdt=1325&idt=320&shv=r20230502&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1844371234189&frm=20&pv=2&ga_vid=660110418.1683184339&ga_sid=1683184339&ga_hid=700711020&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44773810%2C44788441%2C44789925&oid=2&pvsid=4108554671110810&tmod=1160325905&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=381

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82455b23a0ab4697219b89d0204ab18842acbd8ff61da20a3c04ec99fccb88df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ipsnews.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 106379
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 May 2023 07:12:21 GMT
expires: Thu, 04 May 2023 07:12:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B5DE 104 KB
35 KB 1513ms
1513ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6412117467229435&output=html&h=280&adk=1859842940&adf=3401909798&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1683184339&rafmt=1&to=qs&pwprc=2587445467&format=1200x280&url=https%3A%2F%2Fipsnews.net%2Fbusiness%2F2022%2F01%2F30%2Flifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683184339024&bpp=3&bdt=1335&idt=380&shv=r20230502&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1844371234189&frm=20&pv=1&ga_vid=660110418.1683184339&ga_sid=1683184339&ga_hid=700711020&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44773810%2C44788441%2C44789925&oid=2&pvsid=4108554671110810&tmod=1160325905&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6bpsYG0he1&p=https%3A//ipsnews.net&dtd=384

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cfe42439e3267a8a94999c28bd5e5285460e51dea9ac24e95cea681b6efdf096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ipsnews.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35670
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 May 2023 07:12:20 GMT
expires: Thu, 04 May 2023 07:12:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK v.gif
pubtagmanager.com/ 35 B
287 B 16ms
15ms Image
image/gif 108.61.221.118
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubtagmanager.com/v.gif
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 108.61.221.118 City of London, United Kingdom, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 108.61.221.118.vultrusercontent.com
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Thu, 04 May 2023 07:12:19 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
Transfer-Encoding: chunked
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H2 200 / Show response
w.ad.style/views/1683184338900/ 0
306 B 10ms
9ms XHR
text/html 164.92.205.110
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ad.style/views/1683184338900/?s=direct
Requested by: Host: widgets.ad.style
URL: https://widgets.ad.style/native.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 164.92.205.110 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

asloc: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
Referer: https://ipsnews.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 04 May 2023 07:12:19 GMT
server: nginx/1.18.0 (Ubuntu)
x-powered-by: Express
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ipsnews.net
access-control-allow-credentials: true
content-length: 0

OPTIONS
H2 204 /
w.ad.style/views/1683184338900/ Frame 0
0 9ms
8ms Preflight 164.92.205.110
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ad.style/views/1683184338900/?s=direct
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 164.92.205.110 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: asloc
Access-Control-Request-Method: POST
Origin: https://ipsnews.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: asloc
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://ipsnews.net
date: Thu, 04 May 2023 07:12:19 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Origin, Access-Control-Request-Headers
x-powered-by: Express

GET
H3 200 css
fonts.googleapis.com/ Frame B5DE 9 KB
921 B 123ms
49ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6412117467229435&output=html&h=280&adk=1859842940&adf=3401909798&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1683184339&rafmt=1&to=qs&pwprc=2587445467&format=1200x280&url=https%3A%2F%2Fipsnews.net%2Fbusiness%2F2022%2F01%2F30%2Flifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683184339024&bpp=3&bdt=1335&idt=380&shv=r20230502&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1844371234189&frm=20&pv=1&ga_vid=660110418.1683184339&ga_sid=1683184339&ga_hid=700711020&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44773810%2C44788441%2C44789925&oid=2&pvsid=4108554671110810&tmod=1160325905&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6bpsYG0he1&p=https%3A//ipsnews.net&dtd=384

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 04 May 2023 07:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 04 May 2023 06:10:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 May 2023 07:12:21 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame B5DE 2 KB
819 B 161ms
45ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47782
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 17:55:59 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B5DE 0
0 80ms
79ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C192j01pTZOvSGtynkdUP6v2FgAmX3v2xcJr74b_8ENnZHhABIIvc6h1gleKQgqAHoAGr0ezcAcgBCagDAcgDywSqBOUCT9Ct8bC4sOepB5g5SkPfOrH08jYesIttp0dsCZDUbT44dtj46e0thpFw54lsFKd7_5GiFyU8UEknouiZdmmZQ6tyQGy85ZroK4YgTH6cfVXgCTQyHXthlRT_m8q716vColfOY6dZ-Nwzk-Rw9OB0t3-J6LRc6qaVuM70amHagNWPT6lp9WygJTYhxBeHS-SkztPckIaktSeSTLsQg2RyPTBeMWXbMIYb3684sSRrT5OevztpH1b751HIM0gfBcsM1j-yCI_89xX6lcYNrX1GfarUoLEU0u6HM_RugjYio3Iu086d90_4MfUekziPHptCjvOS6mW6j8-CX_Ov0yZUEUuJi3vjg30F_yV_R190rMMYVHQ58Bk9shfi1HixBOS9H5kTPEc-h9EQQoLs3KdfzoXzf8fXi2HAbNpys-UkKj-nnwmsNb6tc6BSm2TfUJEEUF2tkqxwFrsgq0EpsXyXjbNxM8ANwASkpYTkhwSSBQQIBBgBkgUECAUYBKAGLoAHva6TowKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCNkwnSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB2BMMiBQC0BUBmBYBgBcBshccChoIABIUcHViLTY0MTIxMTc0NjcyMjk0MzUYAA&sigh=7z1AfoBEaF0&uach_m=[UACH]&cid=CAQSGwBygQiDu02ywylOgil63HjqI2aIrR9VJYeFVRgB&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6412117467229435&output=html&h=280&adk=1859842940&adf=3401909798&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1683184339&rafmt=1&to=qs&pwprc=2587445467&format=1200x280&url=https%3A%2F%2Fipsnews.net%2Fbusiness%2F2022%2F01%2F30%2Flifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683184339024&bpp=3&bdt=1335&idt=380&shv=r20230502&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1844371234189&frm=20&pv=1&ga_vid=660110418.1683184339&ga_sid=1683184339&ga_hid=700711020&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44773810%2C44788441%2C44789925&oid=2&pvsid=4108554671110810&tmod=1160325905&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6bpsYG0he1&p=https%3A//ipsnews.net&dtd=384
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 04 May 2023 07:12:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 04 May 2023 07:12:21 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/10620335889467377257/ Frame B5DE 45 KB
45 KB 160ms
48ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10620335889467377257/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5167bd2287980691c39609c729537520bcb14138b24b0b2e48f2eaada316762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 15:48:51 GMT
x-content-type-options: nosniff
age: 401010
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46028
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 11:20:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Apr 2024 15:48:51 GMT

GET
DATA 200
OK truncated
/ Frame B5DE 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B5DE 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/ Frame B5DE 22 KB
9 KB 101ms
35ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d25d283cffb27454f0defc451d2f1d42ea8ce681aa56a395817871b895420cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47782
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8767
x-xss-protection: 0
server: cafe
etag: 1250930375877819641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 17:55:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame B5DE 3 KB
1 KB 110ms
46ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47782
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 17:55:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame B5DE 19 KB
8 KB 103ms
39ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0be8ceb2d04986e171369b3adac55b939dd5aa721857190ed77868420c95b59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47782
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7943
x-xss-protection: 0
server: cafe
etag: 8166942304926428282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 17:55:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B5DE 160 KB
49 KB 591ms
49ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbe21c3c1f5415a40c7af9b0441a8515ac4a160ac5f4149717c3288046cda78e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 07:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50014
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683113006724128"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 May 2023 07:12:21 GMT

GET
H2 200 dc885651c24f3a38cf2b2dda4c5c7197.js Show response
www.gstatic.com/mysidia/ Frame B5DE 32 KB
14 KB 124ms
39ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dc885651c24f3a38cf2b2dda4c5c7197.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 00:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196176
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13586
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 20:09:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 31 Jul 2023 00:42:45 GMT

GET
DATA 200
OK truncated
/ Frame B5DE 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d0d2d64ebf84ea28d18be9fb458724bb61ae2c11bfd3665a4c75f26d761c5df

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/ 151 KB
51 KB 88ms
88ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744a0185f380b5ec22038c08117d6bc39961d294b8cf7ac913d4106cbd11ea55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 07:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52297
x-xss-protection: 0
server: cafe
etag: 17119093211532737371
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 May 2023 07:12:21 GMT

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/ 87 KB
30 KB 84ms
83ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6412117467229435

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7bfaf29339198888cdff94250fa962f4feea565054d6c526f2baa83eafee571f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 07:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30602
x-xss-protection: 0
server: cafe
etag: 900473893994984092
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 May 2023 07:12:21 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 46ms
45ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ipsnews.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 07:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 47ms
46ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ipsnews.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 07:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8C47 30 KB
13 KB 2217ms
2216ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6412117467229435&output=html&h=600&adk=1179306731&adf=1549132715&pi=t.aa~a.1596287903~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1683184341&rafmt=1&to=qs&pwprc=2587445467&format=300x600&url=https%3A%2F%2Fipsnews.net%2Fbusiness%2F2022%2F01%2F30%2Flifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683184341620&bpp=1&bdt=3930&idt=-M&shv=r20230502&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da8bbdb08e4147e5f-22177a8882df0083%3AT%3D1683184339%3ART%3D1683184339%3AS%3DALNI_Mb9pQXMaEMn_cMJgI7iHU5a_8nl3A&gpic=UID%3D00000bf531c999a3%3AT%3D1683184339%3ART%3D1683184339%3AS%3DALNI_MYSLwq-Q8rz9m_Dekl25fuRtR8yEA&prev_fmts=0x0%2C1200x280&nras=3&correlator=1844371234189&frm=20&pv=1&ga_vid=660110418.1683184339&ga_sid=1683184339&ga_hid=700711020&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=1786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44773810%2C44788441%2C44789925&oid=2&psts=ABHeCvjyXtovpfdjv5xUFRgOH4zwNmIyihbiQQx4kp5_8xMrbRqasMjW-z4KdfWqvCfreGPf-REdLrs-4KSrfC3UxU6YzOEb&pvsid=4108554671110810&tmod=1160325905&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=frlZhSNZM0&p=https%3A//ipsnews.net&dtd=13

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

802bd6688574407e27a82930602b3e665c6720c5a4edf37817c74961a200cb13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ipsnews.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 13724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 May 2023 07:12:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 51D1 82 KB
33 KB 2397ms
2394ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6412117467229435&output=html&h=240&adk=27255752&adf=1123737134&pi=t.aa~a.2004663329~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1683184341&rafmt=1&to=qs&pwprc=2587445467&format=300x240&url=https%3A%2F%2Fipsnews.net%2Fbusiness%2F2022%2F01%2F30%2Flifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683184341620&bpp=1&bdt=3931&idt=1&shv=r20230502&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da8bbdb08e4147e5f-22177a8882df0083%3AT%3D1683184339%3ART%3D1683184339%3AS%3DALNI_Mb9pQXMaEMn_cMJgI7iHU5a_8nl3A&gpic=UID%3D00000bf531c999a3%3AT%3D1683184339%3ART%3D1683184339%3AS%3DALNI_MYSLwq-Q8rz9m_Dekl25fuRtR8yEA&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=1844371234189&frm=20&pv=1&ga_vid=660110418.1683184339&ga_sid=1683184339&ga_hid=700711020&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=3951&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44773810%2C44788441%2C44789925&oid=2&psts=ABHeCvjyXtovpfdjv5xUFRgOH4zwNmIyihbiQQx4kp5_8xMrbRqasMjW-z4KdfWqvCfreGPf-REdLrs-4KSrfC3UxU6YzOEb&pvsid=4108554671110810&tmod=1160325905&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=HRz8ZltxW9&p=https%3A//ipsnews.net&dtd=38

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

292b3fb75cf36dd51dc74a49a8174be278474017a07f3bbf8569450e9e6940e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ipsnews.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 33731
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 May 2023 07:12:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 44ms
44ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ipsnews.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 07:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 45ms
45ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ipsnews.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 07:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/ Frame 9336 10 KB
4 KB 37ms
36ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ipsnews.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 26503
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 23:50:38 GMT
etag: 15057649708203361565
expires: Wed, 17 May 2023 23:50:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/ Frame B7C0 10 KB
4 KB 36ms
36ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ipsnews.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 26503
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 23:50:38 GMT
etag: 15057649708203361565
expires: Wed, 17 May 2023 23:50:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/ Frame EE2B 10 KB
4 KB 36ms
35ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ipsnews.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 26503
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 23:50:38 GMT
etag: 15057649708203361565
expires: Wed, 17 May 2023 23:50:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/ Frame 0B77 10 KB
4 KB 40ms
38ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ipsnews.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 26503
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 23:50:38 GMT
etag: 15057649708203361565
expires: Wed, 17 May 2023 23:50:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame B5DE 29 KB
29 KB 39ms
39ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 22:26:30 GMT
x-content-type-options: nosniff
age: 377151
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 22:26:30 GMT

GET
H3 200 bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 9177 37 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e6d7ff7829bfa422d2a4f4151f62fa9281e974763c8089c52766f64bcc1ba64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 18:24:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14581
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 May 2024 18:24:30 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 9336 5 KB
659 B 45ms
44ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

831997ce334905a4fc3c7f0673c30bd34701f9810d87b19335aea228804ae38a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 04 May 2023 07:12:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 04 May 2023 06:10:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 May 2023 07:12:22 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9336 205 B
519 B 39ms
38ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 01:01:11 GMT
x-content-type-options: nosniff
age: 22271
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 03 May 2024 01:01:11 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9336 604 B
695 B 40ms
39ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 00:22:35 GMT
x-content-type-options: nosniff
age: 24587
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 03 May 2024 00:22:35 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/elements/html/ Frame 9336 19 KB
8 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0761599a569a3a6c03de9e05afc2cf135fb6581abb26c89b3615f46988b31fad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 18:15:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46596
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8031
x-xss-protection: 0
server: cafe
etag: 4566461469134147509
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 18:15:46 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/ Frame B7C0 22 KB
9 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d25d283cffb27454f0defc451d2f1d42ea8ce681aa56a395817871b895420cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8767
x-xss-protection: 0
server: cafe
etag: 1250930375877819641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 17:55:59 GMT

GET
H2 200 6895426683395543244
tpc.googlesyndication.com/daca_images/simgad/ Frame B7C0 44 KB
44 KB 44ms
43ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/6895426683395543244

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62d351387ee0e83979a977bca6496afec889d080709e87d2f267d680f522d7a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 20:20:41 GMT
x-content-type-options: nosniff
age: 384701
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45359
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 14:16:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Apr 2024 20:20:41 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame B7C0 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 17:55:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame B7C0 19 KB
8 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0be8ceb2d04986e171369b3adac55b939dd5aa721857190ed77868420c95b59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7943
x-xss-protection: 0
server: cafe
etag: 8166942304926428282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 17:55:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B7C0 160 KB
49 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbe21c3c1f5415a40c7af9b0441a8515ac4a160ac5f4149717c3288046cda78e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 07:12:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50014
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683113006724128"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 May 2023 07:12:22 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame B7C0 32 KB
13 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

497e63a5579fcb89c02b41883243a33a50b3a21a21c9d30425d1ea925c7b5a5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 18:00:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47521
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13048
x-xss-protection: 0
server: cafe
etag: 2238672519398939817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 18:00:21 GMT

GET
H2 200 6895426683395543244
tpc.googlesyndication.com/daca_images/simgad/ Frame EE2B 44 KB
44 KB 47ms
47ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/6895426683395543244

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62d351387ee0e83979a977bca6496afec889d080709e87d2f267d680f522d7a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 20:20:41 GMT
x-content-type-options: nosniff
age: 384701
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45359
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 14:16:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Apr 2024 20:20:41 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/ Frame EE2B 22 KB
9 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d25d283cffb27454f0defc451d2f1d42ea8ce681aa56a395817871b895420cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8767
x-xss-protection: 0
server: cafe
etag: 1250930375877819641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 17:55:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame EE2B 3 KB
1 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 17:55:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame EE2B 19 KB
8 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0be8ceb2d04986e171369b3adac55b939dd5aa721857190ed77868420c95b59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7943
x-xss-protection: 0
server: cafe
etag: 8166942304926428282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 17:55:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EE2B 160 KB
49 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbe21c3c1f5415a40c7af9b0441a8515ac4a160ac5f4149717c3288046cda78e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 07:12:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50014
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683113006724128"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 May 2023 07:12:22 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame EE2B 32 KB
13 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

497e63a5579fcb89c02b41883243a33a50b3a21a21c9d30425d1ea925c7b5a5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 18:00:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47521
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13048
x-xss-protection: 0
server: cafe
etag: 2238672519398939817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 18:00:21 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0B77 4 KB
645 B 46ms
45ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

12a3831e778d8969aad8052ad463f9ecc63745c97c994c4e8b15c04e46f49b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 04 May 2023 07:12:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 04 May 2023 05:32:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 May 2023 07:12:22 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 0B77 2 KB
800 B 66ms
66ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 17:55:59 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0B77 0
0 80ms
80ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cq5_301pTZPygGvqznsEPs9iSmAyc0aepcMiM09WGEdWujKjMARABIIvc6h1gleKQgqAHoAHuhq-qKcgBCakCuEm_tTNnsj6oAwHIA8sEqgTxAk_QxjEpeXTJV_z4Dsv52rn2PYlJjueLxM0DM_HLtNwLLImsYrNAViGjzrG_2-zUwD96E5wRPY1uTvtrM52iF1Jn7trXhF2_AusUhF8GSRHfp1qcOtNo3a1MBRK30tvasC6QVq2V7jZAHks5la0R5N8scvOQhZ7rTY004vLJ8Ulp7-dCR1h27uXKEpwdR5IvCKXrq96txqc3UKnqOz45IdFlyA9KDFVFwdnvxUXORv05tCJi6CQ_BZf-KLqPjT4OWBCuapXwNmLoa6NxamI7Zpl8LzBepwwv61CKO6gto5d1l2zt349jlvFeDH1NEiNGu_7fcHXkjt3CKJsRRE8wGyXTUWzeIkP2P9BjJg3XRvxZkezRlXyppTt8XVFnn20PWMMarJ6HlINexQxR9V06UOjyiZjh6EEQgm_5iTtyMxuV4qANBqTNv-7zavFunJTDAlSf-fXU7fAiZHbKEvrps4Ii5eX_JlECPQws9Nq0I0UE9cAEpuadz7cEoAYugAfuvv-JBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIL4I9IIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwG4E-QD2BMDiBQB0BUBgBcBshccChoIABIUcHViLTY0MTIxMTc0NjcyMjk0MzUYAA&sigh=bI2TYQSFZaY&uach_m=[UACH]&cid=CAQSGwBygQiDSS5Gcm3yP2fNIQjfslmPiGtNJic3bBgB&template_id=484

Requested by

Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 04 May 2023 07:12:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/ Frame 0B77 22 KB
9 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d25d283cffb27454f0defc451d2f1d42ea8ce681aa56a395817871b895420cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8767
x-xss-protection: 0
server: cafe
etag: 1250930375877819641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 17:55:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 0B77 3 KB
1 KB 64ms
62ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 17:55:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 0B77 19 KB
8 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0be8ceb2d04986e171369b3adac55b939dd5aa721857190ed77868420c95b59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7943
x-xss-protection: 0
server: cafe
etag: 8166942304926428282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 17:55:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0B77 160 KB
49 KB 75ms
73ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbe21c3c1f5415a40c7af9b0441a8515ac4a160ac5f4149717c3288046cda78e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 07:12:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50014
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683113006724128"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 May 2023 07:12:22 GMT

GET
H2 200 dc885651c24f3a38cf2b2dda4c5c7197.js Show response
www.gstatic.com/mysidia/ Frame 0B77 32 KB
13 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dc885651c24f3a38cf2b2dda4c5c7197.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 00:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13586
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 20:09:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 31 Jul 2023 00:42:45 GMT

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/6647710915238950911/ Frame 0B77 46 KB
46 KB 62ms
61ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6647710915238950911/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9926a5c475183d9f2440ab8192894b0ff5cba6f206f278a54078bfd48576a72e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 17:43:22 GMT
x-content-type-options: nosniff
age: 566940
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46623
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 14:36:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 26 Apr 2024 17:43:22 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/8024542170158878865/ Frame 0B77 2 KB
2 KB 72ms
71ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8024542170158878865/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27eef225d0547f8b2688bb85c468e8c0bd57b405e370411d6512a1c6ae62acae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 17:43:22 GMT
x-content-type-options: nosniff
age: 566940
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1797
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 14:37:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 26 Apr 2024 17:43:22 GMT

GET
H3 200 e6ca7bffdb571b122f7e2a992921a2d5.js Show response
www.gstatic.com/mysidia/ Frame 820D 8 KB
4 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e6ca7bffdb571b122f7e2a992921a2d5.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

671485b0714fdbb8c1c7fd0d2e632f0b183e62577af1fc2dc38933cb8bfb46a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 00:42:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3681
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 17:44:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 31 Jul 2023 00:42:48 GMT

GET
H3 200 cadb74451573414477e4ae8b930a9f91.js Show response
www.gstatic.com/mysidia/ Frame 820D 148 KB
54 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cadb74451573414477e4ae8b930a9f91.js?tag=gpa/dynamic_fig_web_banner_v2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8392ac00ee2eead1bb979d15418ead05583eb188456ca47de4425175e43f8fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 00:54:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 195473
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55670
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 20:09:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 31 Jul 2023 00:54:29 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 820D 2 KB
765 B 51ms
50ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 17:55:59 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/ Frame 820D 22 KB
9 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d25d283cffb27454f0defc451d2f1d42ea8ce681aa56a395817871b895420cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8767
x-xss-protection: 0
server: cafe
etag: 1250930375877819641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 17:55:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 820D 3 KB
1 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 17:55:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 820D 19 KB
8 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0be8ceb2d04986e171369b3adac55b939dd5aa721857190ed77868420c95b59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7943
x-xss-protection: 0
server: cafe
etag: 8166942304926428282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 17:55:59 GMT

GET
H3 200 dc885651c24f3a38cf2b2dda4c5c7197.js Show response
www.gstatic.com/mysidia/ Frame 820D 32 KB
13 KB 83ms
82ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dc885651c24f3a38cf2b2dda4c5c7197.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 00:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13586
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 20:09:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 31 Jul 2023 00:42:45 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B1C4 143 B
166 B 49ms
48ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 170
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 May 2023 07:09:32 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EA09 143 B
166 B 37ms
35ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 170
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 May 2023 07:09:32 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0B77 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 54a37caebefd3efc7274f2bbe586c3eba9c6a52c8c96101654162e33a049ea42

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame 820D 0
234 B 330ms
120ms Ping
image/gif 2607:f8b0:4023:140f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lh8shyl7&c=5671436254038&slotId=2835718127019&qqid=CLnWkqWO2_4CFfqZJwIdM6wEww&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/cadb74451573414477e4ae8b930a9f91.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4023:140f::5e Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 May 2023 07:12:22 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame B7C0 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 12ca6c551b107f1e77423704e92089d98d5b267c7b1f3f7c091d9fa1c6561cdc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

206

videoplayback
r4---sn-5hne6ns6.gvt1.com/ Frame 820D
Redirect Chain

https://redirector.gvt1.com/videoplayback?id=8ac3975dce9a124e&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1683191541&sparams=ip,ipbits,expire,id,...
https://r4---sn-5hne6ns6.gvt1.com/videoplayback?id=8ac3975dce9a124e&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1683191541&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...

1 MB
1 MB

85ms
21ms

Media
video/mp4

2a00:1450:400e:3::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-5hne6ns6.gvt1.com/videoplayback?id=8ac3975dce9a124e&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1683191541&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=04BDAF3AE696F28CE8B22D32CF1004EA363CAB0F.433784F0E7A6AED4A38CA482DCC9FB012E15F235&key=cms1&cms_redirect=yes&mh=pQ&mip=2a03:1b20:6:f011::6e&mm=28&mn=sn-5hne6ns6&ms=nvh&mt=1683184002&mv=u&mvi=4&pl=48

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

2a00:1450:400e:3::9 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

3eb15608f6e17a1244cfa1557843da109ac611cfe975fb66928139fab1ad0526

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

client-protocol: quic
date: Thu, 04 May 2023 07:12:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 16 Apr 2023 21:48:22 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-1176883/1176884
cache-control: private, max-age=6899
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1176884
expires: Thu, 04 May 2023 07:12:22 GMT

Redirect headers

pragma: no-cache
date: Thu, 04 May 2023 07:12:22 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r4---sn-5hne6ns6.gvt1.com/videoplayback?id=8ac3975dce9a124e&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1683191541&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=04BDAF3AE696F28CE8B22D32CF1004EA363CAB0F.433784F0E7A6AED4A38CA482DCC9FB012E15F235&key=cms1&cms_redirect=yes&mh=pQ&mip=2a03:1b20:6:f011::6e&mm=28&mn=sn-5hne6ns6&ms=nvh&mt=1683184002&mv=u&mvi=4&pl=48
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 707
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B1C4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

48ms
47ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 May 2023 07:12:22 GMT
expires: Thu, 04 May 2023 07:12:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 May 2023 07:12:22 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 6EB5 37 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e6d7ff7829bfa422d2a4f4151f62fa9281e974763c8089c52766f64bcc1ba64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 18:24:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14581
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 May 2024 18:24:30 GMT

GET
DATA 200
OK truncated
/ Frame EE2B 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6fc8f8442d4aa7a3e2c22479e66842ae25b4e47d9b04fe9d949b4c6a05fd1e9b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 78FC 37 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js

Requested by

Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e6d7ff7829bfa422d2a4f4151f62fa9281e974763c8089c52766f64bcc1ba64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 18:24:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14581
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 May 2024 18:24:30 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B7C0 0
19 B 81ms
81ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CrnhL01pTZPqgGvqznsEPs9iSmAyM9KCHcI-D6eiFEY_TrK2VDhABIIvc6h1gleKQgqAHoAGMlN2nKMgBAqgDAcgDyQSqBOcCT9AO3aISFkFFmTtcHjouUAOzsTEd1Byqqm8EIopmqj6-ZCzSO-5waZj8f8Z9ASrtjbJAMpJPPZab5C36ivorJjr0Fsp3RtGbm9_gZvK6-Py5zW1nFLXeDM-lO97KD8qaI1SeRiphwi08jvJc9eUTpBSeI1qYrCQVGa508pt82T5ZtrrTGN5CbAY0_eKP8SpeeHgyr9mLOVKUQ15DDdqlC5dcVcF7u6nGZJa6OV6bMQ6ovWCELaUgYEabmHledq3ZbL4kxH5z807fIDtUHCRkkTin5mToz4nrvVQxY7CRmQ1ISAdVagusSC--GdjhYuN87jtbCDtOry9Gf92yqIC4G8smoEOQr8eZvUQGCr_Wi7y8OIZYFuf9Iw-2zjF9VR-nSb5JvR4r6zpKJuqmc3jOiP9ge2AK3-AJ1t8tNteEya-54Q2tuFNTfO-SIOEdwReaTWO5MBouuBpTd5KMKD1IeMcnWuvaP3jABP_wyqaLBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAeMzK2HA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEOiJDdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItNjQxMjExNzQ2NzIyOTQzNRgA&sigh=OyV66YQk2Do&uach_m=[UACH]&cid=CAQSGwBygQiDSS5Gcm3yP2fNIQjfslmPiGtNJic3bBgB&vis=1

Requested by

Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 04 May 2023 07:12:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EA09
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

45ms
45ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 May 2023 07:12:22 GMT
expires: Thu, 04 May 2023 07:12:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 May 2023 07:12:22 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js Show response
pagead2.googlesyndication.com/bg/ Frame AF98 37 KB
14 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e6d7ff7829bfa422d2a4f4151f62fa9281e974763c8089c52766f64bcc1ba64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 18:24:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14581
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 May 2024 18:24:30 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EE2B 0
19 B 85ms
85ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CkLZf01pTZPugGvqznsEPs9iSmAyM9KCHcI-D6eiFEY_TrK2VDhABIIvc6h1gleKQgqAHoAGMlN2nKMgBAqgDAcgDyQSqBOcCT9B1UwmUxo6ZOGIzU8_KG7lXqGjXnQBoegU-4kEX9oDRcTCrXVO0yMIjnx0ZNCXWpOitbVZVc7xCXNb_2q229UTwDHyCgPJsxR3kyWKQAL9nDTLhFXto24lZYlwpqDD8jaUeocoIfUXTk-ctKtyJfYABctCKKJc2mSCLHKpX6t6lHrTgCYKWVrelo_lEgaoL80gw7-fPXL1bHOuV_Gqi-TMOO82Oks8n1yk-EODVg_jdyUijuVbRJhftjSKbV2Q56it0I7Ur5XrlDYdza2Q-xQMkuzwKaHd6pqop1W0GH73A3HCSSoOWGfy231NFQow_3ixHrhStCo0FTkLH2T83pQKRA9sSAGJWXI8pu1c_BGLUOCL_8IoDG0xzW59vfoesvIW7llp-8yqdF1W1muw19F_8Muf20nrCRkF8lidmfYFwGzGlTF8_AdnQcgT1JLHiBIiom8we4CKzRoeHh-Js38R3IOLzk9TABP_wyqaLBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAeMzK2HA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEODfBtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItNjQxMjExNzQ2NzIyOTQzNRgA&sigh=zF4rBjgHrVQ&uach_m=[UACH]&cid=CAQSGwBygQiDSS5Gcm3yP2fNIQjfslmPiGtNJic3bBgB&vis=1

Requested by

Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 04 May 2023 07:12:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B5DE 42 B
174 B 75ms
74ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvXZkubUpksSWFmvMSfFVoG7pq72F6kYXx65B90sV6tHcmjRfzYL7xum2zgIhHppgzjmOqHCOALNRiMSptHfJyr0I117Oph1QP1OpMpOuvivv5otuIz6Cb4QMkLN6t3_1VEcd9hHw&sai=AMfl-YS-0KKPni-i0wuHXJBCom6gUPEZ-mvCNG9E6adGS1RBU-xrcNvdiXH_jtgNoF-PruFDoha8c2Dv7oyY&sig=Cg0ArKJSzAgux0VwibsdEAE&cid=CAQSGwBygQiDu02ywylOgil63HjqI2aIrR9VJYeFVRgB&id=lidar2&mcvt=1016&p=0,0,280,1200&mtos=1016,1016,1016,1016,1016&tos=1016,0,0,0,0&v=20230503&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1859842940&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683184339409&rpt=2513&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 May 2023 07:12:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js Show response
pagead2.googlesyndication.com/bg/ Frame F311 37 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e6d7ff7829bfa422d2a4f4151f62fa9281e974763c8089c52766f64bcc1ba64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 18:24:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14581
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 May 2024 18:24:30 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0B77 42 B
64 B 73ms
73ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstmv1RtS_K3FIVgrEOlwd-mX2pmGjgM3NheAHJk1clHV_IYnfkJf3Ttqn0YyNqD1SLaYO_xM3gqIU9GEKhyS5PUniIV3hnpNtUD4ORYCqaHjvKTKiJd8GFyv_f7TkqMOymIYoCp6TJsv_oVGXd0lEqo7jMp5iYoQO7GIR5yYkY6N84iu-ePeMvjz9SUx0cXzEcymRuaB-P9X5SOPHuhOjB2IvR9MUipkRSB7Y2fj5nqUUpXeBiSAzarbpfyH7JlTA8lJ1fEUBElGy5K-m0EgtLned0l_3OYQppfe5RT2r3AuIvh_EWcGOtrLrX9V1LnFpE2xUao0GkoVWBqAH_tOIeomYzPzt-xXGWYLnDMEpoLAZN4SwqsFhUI1sXCsusJXiNNc1VXXB6SVywmNUWhDKwpdODe7SQ2L3v6GZFaT18wN6JTjx2CwhmqmU2LoNDD9TJ_qfpJTJftwH8LW6a_os9WErYeu0Y9kxKWC7f4WypA2f3Eb-AMhkueH75qlMuLWsBY3Ubm01SmRxd20LnF7bL6N9Ic-s_dm_eaqCDvUb4btuLfvNh5ws2_c-_oIW5rOt0wTRAfIEP5--YHkAOGeDE9zJnxAu4ZCSnyToid0e5ZJcjKVxME7QwwREkgk5jN8NotHn5RWJbFq2i2DhaKVXDWKJyJGIDCtEycnNXFIl6lrxVyn5Kl2tY9VMfnG2FGpCOZUngvDoTO8xProicKh2Xj-rXUeUBshaP78EDxXHyL34nxM_4vL-bFiYdmu00Ot3B6kc7q1CMzhbqv2CN1q-q-49PXWSexSt3LvDVK5A3TXwfeBIgfsw3aYWd7Gewb4auvxT6ouCmkrzzodMWwdd85zRl-M6dGSttU0QJCAPNH-OmaUs_B5E8Dqi1jwj8KSFUJ1TuSkD77242L32GA12_QlEYWg4k8nG97poRzqP04_OoZSfG01oBDoSPZ1hXem78J_XIUpsH8s6mnZO8vThTKtgmYc8ZT_MkoaAMTNoWM40Oh4wmBqySBD1ZaOP39iBwUrrl03cjKv-SgqE1vZELGib-LW2f0EBZcixgIaUqgii1k4Yo9VlA8jPeryf63hj6tY7OTBuqfcFn5jrwYbriDZ5HHGks3XWyhCXDIh8rTw1e2LSYHsYgKXjetmQMF_8vss1br7orxYO4ubjYbQvaNq4JqsVu_4Yp-W1e5l5I9mT9wUYWg9nF-WKtW34PBnGphwHhoYJheXoKcpwjEqAByCryCeFwo7_IcbziiehfVvbymMxo&sai=AMfl-YTGDc8IIsZlDO33u4UDQMF7ncLiEzJjtsA6Fz73UbIlYhcIFE6x75O03prpyZ4u3VAuZhJi_T-41cd-CeBiupqE6CMCATH1ig&sig=Cg0ArKJSzNjQAzhOkSWREAE&cid=CAQSGwBygQiDSS5Gcm3yP2fNIQjfslmPiGtNJic3bBgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=340,1000,1000,1000,1000&tos=340,660,0,0,0&v=20230503&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683184341798&rpt=655&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 May 2023 07:12:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B7C0 42 B
64 B 73ms
73ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst1R0Jed1M0Y0R9yKh3NLn-tct8BSgxA6TjH5xqU0QNw16xscl76OvrbTqwgc0RHovzvFimZjOgPoF6Z_k03Ym1-qq4q-hJRXMW1lK9IAxoz2gzlYW4xmzd4GIMg1rPkShucB9nHQ&sai=AMfl-YTOxuTZbaL9wLJTcXyBsrHbqC9GkPmMsPz6HahOYoW0ULcaNwUTo-z88w9DnNjL7JEOe3L1xpq4jNEM&sig=Cg0ArKJSzGH-FJe7lW9tEAE&cid=CAQSGwBygQiDSS5Gcm3yP2fNIQjfslmPiGtNJic3bBgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230503&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683184341793&rpt=487&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 May 2023 07:12:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EE2B 42 B
64 B 72ms
72ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvMSMtK9IdR7COyAFbFTSy_4SfDTr4GJZjTGZk6Uie_XwtRxhMojYHYoTPt_325QqC0Lonsg8_DlM_3WnfsOuk14iBXTfApfV0i56Ft1qR9a0DGsb7fAqqptPMbJmfiH7iHmYxH6g&sai=AMfl-YRsUIxXEvtWT86nVMCvxsEjlVhut9yQO5EKNXjQxE8wckjLYd5te3PpPs7ASXQDstCa8aosLOGwt-M5&sig=Cg0ArKJSzGwBXXijIpqnEAE&cid=CAQSGwBygQiDSS5Gcm3yP2fNIQjfslmPiGtNJic3bBgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230503&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683184341797&rpt=528&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 May 2023 07:12:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 8C47 3 KB
2 KB 237ms
14ms Script
application/x-javascript 185.29.132.246

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVdJMU9HWTBOREl0WWpkall5MWtOVFkzTFRBd01EQXRNREF3TURBd01EQXdNREF3LzY1NDc0NTc5NzE2MjI0NjU0Ny82NjIyMzI3LzQ1NjIzMDYvNC9ESFNDM3Nsb1NycWg5enJyUjFEdTU5S0pzUHpoS0p0eDJxaURyZF9SWklnLzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzY1NDc0NTc5NzE2MjI0NjU0Ny96cmgvMC8xODQvMzgvOTk5LzMyMi8yYTAzOjFiMjA6Njo6LzAuMDAwLzE2ODMxODQzNDEvMTY4MzE5Njk0MS80L3B1Yi02NDEyMTE3NDY3MjI5NDM1Lw/Z-5lzFxXhfY61ZuJtQQldgzd9S0&nodeid=4169&group=zrh&auctionid=654745797162246547&pbs_auctionid=654745797162246547&shardkey=654745797162246547&sid=4562306&cid=6622327&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.145&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt_Ar1VpTZK-4KZ-tkdUPjY6WuArPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NDEyMTE3NDY3MjI5NDM1yAEJqAMBqgTXAk_QS53ycH6q9pQ7Fl1F4t9fp6X2mbEg76osTtf2KT38OUTTMVb_ACKqvNwYV33lP20LWFrGhZONRYjjuzQQlhq_3cMywvkdguNMUe3LlWe62E6yl2g_ie5nWW3fVM4-z3UpZIkZC3yxBI5PuUtVqRQ1rkLqAbts1CuTAFsQj3x5t-ZhgFwv1ZT-5ekFS7jQqvsqwIrwURq7nvr5Y8_wGqBhY-emtr1JscbNJDjDDz0Pbpz5FKqjmVMBVFRE6NLS8D4KCSj1fY5oMOoLcPppSPrGZk-AubZHCJs6-lQR8nW864G-gJ4Gc5NDx8eManr2bmr2Ds_QEmCDoc_YfMVbLn7YFETOrhN98wDajysknHAHlRgAKt1JbfIt0NdQhu3jzHmNh3sjY-NReY_MCkmeuknHvxht_42siAeSkkiennVYU3KwTmOJ86gtjCUZ2DnqVHTjrVhsHuuABrPp9fjfzMC4uQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3hyaCfgC1FJWTiwC8cA4z-sl3v8g%26client%3Dca-pub-6412117467229435%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6412117467229435&output=html&h=600&adk=1179306731&adf=1549132715&pi=t.aa~a.1596287903~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1683184341&rafmt=1&to=qs&pwprc=2587445467&format=300x600&url=https%3A%2F%2Fipsnews.net%2Fbusiness%2F2022%2F01%2F30%2Flifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683184341620&bpp=1&bdt=3930&idt=-M&shv=r20230502&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da8bbdb08e4147e5f-22177a8882df0083%3AT%3D1683184339%3ART%3D1683184339%3AS%3DALNI_Mb9pQXMaEMn_cMJgI7iHU5a_8nl3A&gpic=UID%3D00000bf531c999a3%3AT%3D1683184339%3ART%3D1683184339%3AS%3DALNI_MYSLwq-Q8rz9m_Dekl25fuRtR8yEA&prev_fmts=0x0%2C1200x280&nras=3&correlator=1844371234189&frm=20&pv=1&ga_vid=660110418.1683184339&ga_sid=1683184339&ga_hid=700711020&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=1786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44773810%2C44788441%2C44789925&oid=2&psts=ABHeCvjyXtovpfdjv5xUFRgOH4zwNmIyihbiQQx4kp5_8xMrbRqasMjW-z4KdfWqvCfreGPf-REdLrs-4KSrfC3UxU6YzOEb&pvsid=4108554671110810&tmod=1160325905&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=frlZhSNZM0&p=https%3A//ipsnews.net&dtd=13
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 -, , ASN (),
Reverse DNS
Software: MMBD/3.387.0 /
Resource Hash: 7d4e702c0fb0304b3a019bfbbfaddf227166351777b67e19f40674f06bfc1634

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Thu, 04 May 2023 07:12:24 GMT
x-mm-nodeid: 4169
Content-Encoding: gzip
x-mm-bid-request-time: 1683184341
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection: close
x-mm-handled-by-owner: true
Last-Modified: Thu, 04 May 2023 07:12:21 GMT
Server: MMBD/3.387.0
x-mm-latency: 1 (0)
Content-Type: application/x-javascript; charset=UTF-8
x-mm-dbg: NotCount
Cache-Control: no-cache
x-mm-host: zrh-router-x22, zrh-bidder-x36
x-mm-lag: 3
Expires: Thu, 04 May 2023 07:12:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 8C47 3 KB
1 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6412117467229435&output=html&h=600&adk=1179306731&adf=1549132715&pi=t.aa~a.1596287903~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1683184341&rafmt=1&to=qs&pwprc=2587445467&format=300x600&url=https%3A%2F%2Fipsnews.net%2Fbusiness%2F2022%2F01%2F30%2Flifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683184341620&bpp=1&bdt=3930&idt=-M&shv=r20230502&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da8bbdb08e4147e5f-22177a8882df0083%3AT%3D1683184339%3ART%3D1683184339%3AS%3DALNI_Mb9pQXMaEMn_cMJgI7iHU5a_8nl3A&gpic=UID%3D00000bf531c999a3%3AT%3D1683184339%3ART%3D1683184339%3AS%3DALNI_MYSLwq-Q8rz9m_Dekl25fuRtR8yEA&prev_fmts=0x0%2C1200x280&nras=3&correlator=1844371234189&frm=20&pv=1&ga_vid=660110418.1683184339&ga_sid=1683184339&ga_hid=700711020&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=1786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44773810%2C44788441%2C44789925&oid=2&psts=ABHeCvjyXtovpfdjv5xUFRgOH4zwNmIyihbiQQx4kp5_8xMrbRqasMjW-z4KdfWqvCfreGPf-REdLrs-4KSrfC3UxU6YzOEb&pvsid=4108554671110810&tmod=1160325905&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=frlZhSNZM0&p=https%3A//ipsnews.net&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47784
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 17:55:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 8C47 19 KB
8 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0be8ceb2d04986e171369b3adac55b939dd5aa721857190ed77868420c95b59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47784
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7943
x-xss-protection: 0
server: cafe
etag: 8166942304926428282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 17:55:59 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8C47 160 KB
49 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbe21c3c1f5415a40c7af9b0441a8515ac4a160ac5f4149717c3288046cda78e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 07:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50014
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683113006724128"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 May 2023 07:12:23 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8C47 0
0 81ms
80ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CVxGH1VpTZK-4KZ-tkdUPjY6WuArPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NDEyMTE3NDY3MjI5NDM1yAEJqAMBqgTUAk_QS53ycH6q9pQ7Fl1F4t9fp6X2mbEg76osTtf2KT38OUTTMVb_ACKqvNwYV33lP20LWFrGhZONRYjjuzQQlhq_3cMywvkdguNMUe3LlWe62E6yl2g_ie5nWW3fVM4-z3UpZIkZC3yxBI5PuUtVqRQ1rkLqAbts1CuTAFsQj3x5t-ZhgFwv1ZT-5ekFS7jQqvsqwIrwURq7nvr5Y8_wGqBhY-emtr1JscbNJDjDDz0Pbpz5FKqjmVMBVFRE6NLS8D4KCSj1fY5oMOoLcPppSPrGZk-AubZHCJs6-lQR8nW864G-gJ4Gc5NDx8eManr2bmr2Ds_QEmCDoc_YfMVbLn7YFETOrhN98wDajysknHAHlRgAKt1JbfIt0NdQhu3jzHmNh3sjY-NReY_MCkme-EvmLbTRW4ohLE85SggxbmhMWc66YHtoTmhtI9-4xhXy-u1fqtWABrPp9fjfzMC4uQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTY0MTIxMTc0NjcyMjk0MzUYAA&sigh=Ahr1LdmWGE0&uach_m=[UACH]&cid=CAQSPABygQiD10raH7K-hF3AvWtP-XJNRbhkxoE0YH6Bi-d1YrTJjzR42mMpJftkM9B7Y-IYpmAOQfrT43TSqhgB&tpd=AGWhJmuw4GjODxeL8sPZ68GT9AsQZGlQuCeZppbESCPrFeEXnoUoS8gLPUwbeHP-FtjICwv_ePtCSfB-sCDDYyjeAAVQE6zEOolt9Seuu0fgANtsRkS7VJXfTVVdnyugwi3IWaRUvv3P2gGKo0oHTBaz8GGqf__ISltMPDRF8JogRFTKLz6D4gMpvw-R3ILNGdhZ5C_HYuJsKRPm_Vru9eMEZeDAZYtfbxD8myd-RnzzbxtefYYJ9CikAHD6_2RXZUd4aU_uZDxce_4jsL9b5iXCA6T4onkWmgg9kDbGk0_qu2VimI4t2MZK5ZPh82UX-XEos1aDXpstFl7swU9VbWc31pO1pU86VRuI-YWTlTmUi-7RZ51aIRtP7FolYgfBCuyRX7nkF41a6Rg7-6Frl_2YhrCEJxSPhWpEv6suatUm-BtGqZLLigmSKisBqkNMcKEc6P3Ryq45Q8h1TXzEla6ZQLw1Qa4cLM3_3_MY7n7I0XZUY3feL8_HrWb2j8pRTvnQsUx-Wde3qf7KjGDMe1gwcMkti14l7W5p6h2gR_WBB07Wd2wO2VTf3DNoAfYAh-by1A15eiHu0pnZkWTsSfjjEjHQXqWyRlnuETZwDg16fcjN5AzLMpKDwSZ_205ijCUL_0DftoV2tqw_L68vZapP4hLyKqY5ZKFGvDYJuLmQT1e1iO-IBLBiEVQ7IZI1itA2RCylbHjXZT_8UOMFPVDXkGKV8-drPed0q1gS-yc0JW_915_5kXrpULlw378FJ8yxWgXdPPUvgmrGs_qA8hQGKJ0S2POta-bJSX-anFjVuNGbyj0hTSaJrJIU49r64tzUxVA8wAqDqS6Z4vHtRddk_E0tfid3aDJKYv8a7RiRP-jb9QwEKcqadnbQBCdjbJkt5qdOgJDfWjQSZmK-NpiSUoFwlLBYn7lDpGZOy3wVQahylfXi0qt5Pul00ZzbVMl8UN8czfvWj7zTsw9_E-rb6_a3h5oovImJrn6NZ5o_A3p_bwDHFMLZz6qLxAybWkR-HQ3KATu1kgaI8AO2322BbX00Xs4_S_BpVrg3UF1U0DgcGy97Y-ru2rLOzImb7FvH4X2-mg5brPGB2A8mUAhHMbOJ6UgC4QQwZgubKEqUxfU

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6412117467229435&output=html&h=600&adk=1179306731&adf=1549132715&pi=t.aa~a.1596287903~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1683184341&rafmt=1&to=qs&pwprc=2587445467&format=300x600&url=https%3A%2F%2Fipsnews.net%2Fbusiness%2F2022%2F01%2F30%2Flifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683184341620&bpp=1&bdt=3930&idt=-M&shv=r20230502&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da8bbdb08e4147e5f-22177a8882df0083%3AT%3D1683184339%3ART%3D1683184339%3AS%3DALNI_Mb9pQXMaEMn_cMJgI7iHU5a_8nl3A&gpic=UID%3D00000bf531c999a3%3AT%3D1683184339%3ART%3D1683184339%3AS%3DALNI_MYSLwq-Q8rz9m_Dekl25fuRtR8yEA&prev_fmts=0x0%2C1200x280&nras=3&correlator=1844371234189&frm=20&pv=1&ga_vid=660110418.1683184339&ga_sid=1683184339&ga_hid=700711020&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=1786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44773810%2C44788441%2C44789925&oid=2&psts=ABHeCvjyXtovpfdjv5xUFRgOH4zwNmIyihbiQQx4kp5_8xMrbRqasMjW-z4KdfWqvCfreGPf-REdLrs-4KSrfC3UxU6YzOEb&pvsid=4108554671110810&tmod=1160325905&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=frlZhSNZM0&p=https%3A//ipsnews.net&dtd=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 04 May 2023 07:12:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 820D 0
54 B 116ms
115ms Ping
image/gif 2607:f8b0:4023:140f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lh8shylg&c=5671436254038&slotId=2835718127019&qqid=CLnWkqWO2_4CFfqZJwIdM6wEww&umsem=0&ple=1&ape=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/cadb74451573414477e4ae8b930a9f91.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4023:140f::5e Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 May 2023 07:12:24 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 16955442164656795252
tpc.googlesyndication.com/simgad/ Frame 51D1 34 KB
34 KB 37ms
36ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16955442164656795252?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmASzg3lB-V28nPlWKytIto7TYs6g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6412117467229435&output=html&h=240&adk=27255752&adf=1123737134&pi=t.aa~a.2004663329~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1683184341&rafmt=1&to=qs&pwprc=2587445467&format=300x240&url=https%3A%2F%2Fipsnews.net%2Fbusiness%2F2022%2F01%2F30%2Flifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683184341620&bpp=1&bdt=3931&idt=1&shv=r20230502&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da8bbdb08e4147e5f-22177a8882df0083%3AT%3D1683184339%3ART%3D1683184339%3AS%3DALNI_Mb9pQXMaEMn_cMJgI7iHU5a_8nl3A&gpic=UID%3D00000bf531c999a3%3AT%3D1683184339%3ART%3D1683184339%3AS%3DALNI_MYSLwq-Q8rz9m_Dekl25fuRtR8yEA&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=1844371234189&frm=20&pv=1&ga_vid=660110418.1683184339&ga_sid=1683184339&ga_hid=700711020&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=3951&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44773810%2C44788441%2C44789925&oid=2&psts=ABHeCvjyXtovpfdjv5xUFRgOH4zwNmIyihbiQQx4kp5_8xMrbRqasMjW-z4KdfWqvCfreGPf-REdLrs-4KSrfC3UxU6YzOEb&pvsid=4108554671110810&tmod=1160325905&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=HRz8ZltxW9&p=https%3A//ipsnews.net&dtd=38

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5acfaaff0e04c155a9eb909a0f6c537ea58bf6b4fbfd9c056a7cce57d5bb842b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 21:52:50 GMT
x-content-type-options: nosniff
age: 379174
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35021
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 13:13:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Apr 2024 21:52:50 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/ Frame 51D1 22 KB
9 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d25d283cffb27454f0defc451d2f1d42ea8ce681aa56a395817871b895420cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47785
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8767
x-xss-protection: 0
server: cafe
etag: 1250930375877819641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 17:55:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 51D1 3 KB
1 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47785
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 17:55:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 51D1 19 KB
8 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0be8ceb2d04986e171369b3adac55b939dd5aa721857190ed77868420c95b59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47785
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7943
x-xss-protection: 0
server: cafe
etag: 8166942304926428282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 17:55:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 51D1 0
0 48ms
47ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSrGqwRSd3sAVA1UN_XOvjIbXuQUf-gFhooNQ30IZcJxL44r9Xn1JgZ6cd9zdAyBh3tZA7sXYg0ia_1dmLNg1C-RJyBGQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6412117467229435&output=html&h=240&adk=27255752&adf=1123737134&pi=t.aa~a.2004663329~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1683184341&rafmt=1&to=qs&pwprc=2587445467&format=300x240&url=https%3A%2F%2Fipsnews.net%2Fbusiness%2F2022%2F01%2F30%2Flifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683184341620&bpp=1&bdt=3931&idt=1&shv=r20230502&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da8bbdb08e4147e5f-22177a8882df0083%3AT%3D1683184339%3ART%3D1683184339%3AS%3DALNI_Mb9pQXMaEMn_cMJgI7iHU5a_8nl3A&gpic=UID%3D00000bf531c999a3%3AT%3D1683184339%3ART%3D1683184339%3AS%3DALNI_MYSLwq-Q8rz9m_Dekl25fuRtR8yEA&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=1844371234189&frm=20&pv=1&ga_vid=660110418.1683184339&ga_sid=1683184339&ga_hid=700711020&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=3951&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44773810%2C44788441%2C44789925&oid=2&psts=ABHeCvjyXtovpfdjv5xUFRgOH4zwNmIyihbiQQx4kp5_8xMrbRqasMjW-z4KdfWqvCfreGPf-REdLrs-4KSrfC3UxU6YzOEb&pvsid=4108554671110810&tmod=1160325905&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=HRz8ZltxW9&p=https%3A//ipsnews.net&dtd=38
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 51D1 160 KB
49 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbe21c3c1f5415a40c7af9b0441a8515ac4a160ac5f4149717c3288046cda78e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 07:12:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50014
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683113006724128"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 May 2023 07:12:24 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 51D1 32 KB
13 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

497e63a5579fcb89c02b41883243a33a50b3a21a21c9d30425d1ea925c7b5a5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 18:00:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47523
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13048
x-xss-protection: 0
server: cafe
etag: 2238672519398939817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 18:00:21 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 51D1 0
0 83ms
82ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C51kG1VpTZIajKoDgnsEP3dW2yAiM9KCHcL3egP-WEY_TrK2VDhABIIvc6h1gleKQgqAHoAGMlN2nKMgBAqgDAcgDyQSqBO0CT9DpZSFs-uiEvleECNvaTlvpMO5bZ_RJRkedWGIZUUOk9uwomZx87IEbeF_70YFIyFnQCYV1f4LOy6jFjASEHGF52uteoTeCP3WIgw6G2DOGTkax4csgJJbTZ8ccF0ClLJZOoD9yGw2k2QyRUKRMeB3oFdMbqhbOSBo1rDfC3v08fwypyPsLX-ayktn7PKcvTCJFwvnfLr_wJLR-PJIOw7tBAgRdfL9gwRfhJk-GTQVmGLbT65Hg0Ci3KjXWqKaKsp-0j9htcJn2DBC0cRT6gJTsFC4fcJQVE2KJoLdZ-pdB1QqV0wlBSD1eg75ee4aDnGhk8DYzA8oev8n1vi3kSYtkEl-a74sLYk_p3E_9O4L5gTYrZxZN2CEDSGMO0GNHtXrbQC6Qgt3HClBC6-t0zZDcd56gKUygS49gGRez5d61mGI2zzD1CPFy0KLjGbNfOBQT-tIBW15nx25XVyStv-0O-SfXL7zVVGsr797ABP_wyqaLBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAeMzK2HA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEIDxAdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItNjQxMjExNzQ2NzIyOTQzNRgA&sigh=cHGxXbv2k1A&uach_m=[UACH]&cid=CAQSPABygQiDn-_0f2XcfLL346RB06bqC7q3a4-sdUN8CzA6jHu1sPfJd2XYVe-Sf5esh1fzrS_poY_J3-EDUBgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6412117467229435&output=html&h=240&adk=27255752&adf=1123737134&pi=t.aa~a.2004663329~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1683184341&rafmt=1&to=qs&pwprc=2587445467&format=300x240&url=https%3A%2F%2Fipsnews.net%2Fbusiness%2F2022%2F01%2F30%2Flifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683184341620&bpp=1&bdt=3931&idt=1&shv=r20230502&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da8bbdb08e4147e5f-22177a8882df0083%3AT%3D1683184339%3ART%3D1683184339%3AS%3DALNI_Mb9pQXMaEMn_cMJgI7iHU5a_8nl3A&gpic=UID%3D00000bf531c999a3%3AT%3D1683184339%3ART%3D1683184339%3AS%3DALNI_MYSLwq-Q8rz9m_Dekl25fuRtR8yEA&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=1844371234189&frm=20&pv=1&ga_vid=660110418.1683184339&ga_sid=1683184339&ga_hid=700711020&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=3951&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44773810%2C44788441%2C44789925&oid=2&psts=ABHeCvjyXtovpfdjv5xUFRgOH4zwNmIyihbiQQx4kp5_8xMrbRqasMjW-z4KdfWqvCfreGPf-REdLrs-4KSrfC3UxU6YzOEb&pvsid=4108554671110810&tmod=1160325905&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=HRz8ZltxW9&p=https%3A//ipsnews.net&dtd=38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 04 May 2023 07:12:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK yrsa821xsiee Show response
hal9000.redintelligence.net/zone/ Frame 8C47 10 KB
4 KB 47ms
13ms Script
text/html 144.76.238.55

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/yrsa821xsiee?subid=&gdpr=1&gdpr_consent=li&rnd=654745797162246547&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dyt738aPC38533p9bwRHhHw%26exch_seat%3D20035004448%26mt_aid%3D654745797162246547%26mt_id%3D6622327%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D91026453-5ad8-4e01-b1e3-e185a75e9ced%26mt_cid%3D91026453-5ad8-4e01-b1e3-e185a75e9ced%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCt_Ar1VpTZK-4KZ-tkdUPjY6WuArPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NDEyMTE3NDY3MjI5NDM1yAEJqAMBqgTXAk_QS53ycH6q9pQ7Fl1F4t9fp6X2mbEg76osTtf2KT38OUTTMVb_ACKqvNwYV33lP20LWFrGhZONRYjjuzQQlhq_3cMywvkdguNMUe3LlWe62E6yl2g_ie5nWW3fVM4-z3UpZIkZC3yxBI5PuUtVqRQ1rkLqAbts1CuTAFsQj3x5t-ZhgFwv1ZT-5ekFS7jQqvsqwIrwURq7nvr5Y8_wGqBhY-emtr1JscbNJDjDDz0Pbpz5FKqjmVMBVFRE6NLS8D4KCSj1fY5oMOoLcPppSPrGZk-AubZHCJs6-lQR8nW864G-gJ4Gc5NDx8eManr2bmr2Ds_QEmCDoc_YfMVbLn7YFETOrhN98wDajysknHAHlRgAKt1JbfIt0NdQhu3jzHmNh3sjY-NReY_MCkmeuknHvxht_42siAeSkkiennVYU3KwTmOJ86gtjCUZ2DnqVHTjrVhsHuuABrPp9fjfzMC4uQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3hyaCfgC1FJWTiwC8cA4z-sl3v8g%2526client%253Dca-pub-6412117467229435%2526adurl%253D%26redirect%3D
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 7304f1b474326040d4db137510f20c822013171322517721a6428ece405a6f38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Thu, 04 May 2023 07:12:24 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3504
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 8C47 49 B
329 B 35ms
13ms Image
image/gif 185.29.132.246

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=654745797162246547&node_id=4169&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVdJMU9HWTBOREl0WWpkall5MWtOVFkzTFRBd01EQXRNREF3TURBd01EQXdNREF3LzY1NDc0NTc5NzE2MjI0NjU0Ny82NjIyMzI3LzQ1NjIzMDYvNC9ESFNDM3Nsb1NycWg5enJyUjFEdTU5S0pzUHpoS0p0eDJxaURyZF9SWklnLzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzY1NDc0NTc5NzE2MjI0NjU0Ny96cmgvMC8xODQvMzgvOTk5LzMyMi8yYTAzOjFiMjA6Njo6LzAuMDAwLzE2ODMxODQzNDEvMTY4MzE5Njk0MS80L3B1Yi02NDEyMTE3NDY3MjI5NDM1Lw/Z-5lzFxXhfY61ZuJtQQldgzd9S0&nodeid=4169&group=zrh&auctionid=654745797162246547&pbs_auctionid=654745797162246547&shardkey=654745797162246547&sid=4562306&cid=6622327&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.145&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt_Ar1VpTZK-4KZ-tkdUPjY6WuArPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NDEyMTE3NDY3MjI5NDM1yAEJqAMBqgTXAk_QS53ycH6q9pQ7Fl1F4t9fp6X2mbEg76osTtf2KT38OUTTMVb_ACKqvNwYV33lP20LWFrGhZONRYjjuzQQlhq_3cMywvkdguNMUe3LlWe62E6yl2g_ie5nWW3fVM4-z3UpZIkZC3yxBI5PuUtVqRQ1rkLqAbts1CuTAFsQj3x5t-ZhgFwv1ZT-5ekFS7jQqvsqwIrwURq7nvr5Y8_wGqBhY-emtr1JscbNJDjDDz0Pbpz5FKqjmVMBVFRE6NLS8D4KCSj1fY5oMOoLcPppSPrGZk-AubZHCJs6-lQR8nW864G-gJ4Gc5NDx8eManr2bmr2Ds_QEmCDoc_YfMVbLn7YFETOrhN98wDajysknHAHlRgAKt1JbfIt0NdQhu3jzHmNh3sjY-NReY_MCkmeuknHvxht_42siAeSkkiennVYU3KwTmOJ86gtjCUZ2DnqVHTjrVhsHuuABrPp9fjfzMC4uQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3hyaCfgC1FJWTiwC8cA4z-sl3v8g%26client%3Dca-pub-6412117467229435%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 -, , ASN (),
Reverse DNS
Software: MMBD/3.387.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Thu, 04 May 2023 07:12:24 GMT
Server: MMBD/3.387.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x27, zrh-bidder-x36
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Thu, 04 May 2023 07:12:23 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 8C47 43 B
415 B 61ms
23ms Image
image/gif 2.18.233.201

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=654745797162246547&v3=651871&v4=4562306&v5=6622327&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVdJMU9HWTBOREl0WWpkall5MWtOVFkzTFRBd01EQXRNREF3TURBd01EQXdNREF3LzY1NDc0NTc5NzE2MjI0NjU0Ny82NjIyMzI3LzQ1NjIzMDYvNC9ESFNDM3Nsb1NycWg5enJyUjFEdTU5S0pzUHpoS0p0eDJxaURyZF9SWklnLzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzY1NDc0NTc5NzE2MjI0NjU0Ny96cmgvMC8xODQvMzgvOTk5LzMyMi8yYTAzOjFiMjA6Njo6LzAuMDAwLzE2ODMxODQzNDEvMTY4MzE5Njk0MS80L3B1Yi02NDEyMTE3NDY3MjI5NDM1Lw/Z-5lzFxXhfY61ZuJtQQldgzd9S0&nodeid=4169&group=zrh&auctionid=654745797162246547&pbs_auctionid=654745797162246547&shardkey=654745797162246547&sid=4562306&cid=6622327&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.145&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt_Ar1VpTZK-4KZ-tkdUPjY6WuArPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NDEyMTE3NDY3MjI5NDM1yAEJqAMBqgTXAk_QS53ycH6q9pQ7Fl1F4t9fp6X2mbEg76osTtf2KT38OUTTMVb_ACKqvNwYV33lP20LWFrGhZONRYjjuzQQlhq_3cMywvkdguNMUe3LlWe62E6yl2g_ie5nWW3fVM4-z3UpZIkZC3yxBI5PuUtVqRQ1rkLqAbts1CuTAFsQj3x5t-ZhgFwv1ZT-5ekFS7jQqvsqwIrwURq7nvr5Y8_wGqBhY-emtr1JscbNJDjDDz0Pbpz5FKqjmVMBVFRE6NLS8D4KCSj1fY5oMOoLcPppSPrGZk-AubZHCJs6-lQR8nW864G-gJ4Gc5NDx8eManr2bmr2Ds_QEmCDoc_YfMVbLn7YFETOrhN98wDajysknHAHlRgAKt1JbfIt0NdQhu3jzHmNh3sjY-NReY_MCkmeuknHvxht_42siAeSkkiennVYU3KwTmOJ86gtjCUZ2DnqVHTjrVhsHuuABrPp9fjfzMC4uQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3hyaCfgC1FJWTiwC8cA4z-sl3v8g%26client%3Dca-pub-6412117467229435%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 -, , ASN (),
Reverse DNS
Software: MT3 830 785530e master cdg-pixel-x9 config_version:"unknown" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Thu, 04 May 2023 07:12:24 GMT
Server: MT3 830 785530e master cdg-pixel-x9 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Thu, 04 May 2023 07:12:23 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 8C47 49 B
329 B 34ms
12ms Image
image/gif 185.29.132.246

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=654745797162246547&st=4562306&time=1683184344&nodeid=4169
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVdJMU9HWTBOREl0WWpkall5MWtOVFkzTFRBd01EQXRNREF3TURBd01EQXdNREF3LzY1NDc0NTc5NzE2MjI0NjU0Ny82NjIyMzI3LzQ1NjIzMDYvNC9ESFNDM3Nsb1NycWg5enJyUjFEdTU5S0pzUHpoS0p0eDJxaURyZF9SWklnLzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzY1NDc0NTc5NzE2MjI0NjU0Ny96cmgvMC8xODQvMzgvOTk5LzMyMi8yYTAzOjFiMjA6Njo6LzAuMDAwLzE2ODMxODQzNDEvMTY4MzE5Njk0MS80L3B1Yi02NDEyMTE3NDY3MjI5NDM1Lw/Z-5lzFxXhfY61ZuJtQQldgzd9S0&nodeid=4169&group=zrh&auctionid=654745797162246547&pbs_auctionid=654745797162246547&shardkey=654745797162246547&sid=4562306&cid=6622327&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.145&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt_Ar1VpTZK-4KZ-tkdUPjY6WuArPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NDEyMTE3NDY3MjI5NDM1yAEJqAMBqgTXAk_QS53ycH6q9pQ7Fl1F4t9fp6X2mbEg76osTtf2KT38OUTTMVb_ACKqvNwYV33lP20LWFrGhZONRYjjuzQQlhq_3cMywvkdguNMUe3LlWe62E6yl2g_ie5nWW3fVM4-z3UpZIkZC3yxBI5PuUtVqRQ1rkLqAbts1CuTAFsQj3x5t-ZhgFwv1ZT-5ekFS7jQqvsqwIrwURq7nvr5Y8_wGqBhY-emtr1JscbNJDjDDz0Pbpz5FKqjmVMBVFRE6NLS8D4KCSj1fY5oMOoLcPppSPrGZk-AubZHCJs6-lQR8nW864G-gJ4Gc5NDx8eManr2bmr2Ds_QEmCDoc_YfMVbLn7YFETOrhN98wDajysknHAHlRgAKt1JbfIt0NdQhu3jzHmNh3sjY-NReY_MCkmeuknHvxht_42siAeSkkiennVYU3KwTmOJ86gtjCUZ2DnqVHTjrVhsHuuABrPp9fjfzMC4uQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3hyaCfgC1FJWTiwC8cA4z-sl3v8g%26client%3Dca-pub-6412117467229435%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 -, , ASN (),
Reverse DNS
Software: MMBD/3.387.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Thu, 04 May 2023 07:12:24 GMT
Server: MMBD/3.387.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x86, zrh-bidder-x36
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Thu, 04 May 2023 07:12:23 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 18C4 143 B
166 B 37ms
35ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6412117467229435&output=html&h=240&adk=27255752&adf=1123737134&pi=t.aa~a.2004663329~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1683184341&rafmt=1&to=qs&pwprc=2587445467&format=300x240&url=https%3A%2F%2Fipsnews.net%2Fbusiness%2F2022%2F01%2F30%2Flifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683184341620&bpp=1&bdt=3931&idt=1&shv=r20230502&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da8bbdb08e4147e5f-22177a8882df0083%3AT%3D1683184339%3ART%3D1683184339%3AS%3DALNI_Mb9pQXMaEMn_cMJgI7iHU5a_8nl3A&gpic=UID%3D00000bf531c999a3%3AT%3D1683184339%3ART%3D1683184339%3AS%3DALNI_MYSLwq-Q8rz9m_Dekl25fuRtR8yEA&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=1844371234189&frm=20&pv=1&ga_vid=660110418.1683184339&ga_sid=1683184339&ga_hid=700711020&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=3951&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44773810%2C44788441%2C44789925&oid=2&psts=ABHeCvjyXtovpfdjv5xUFRgOH4zwNmIyihbiQQx4kp5_8xMrbRqasMjW-z4KdfWqvCfreGPf-REdLrs-4KSrfC3UxU6YzOEb&pvsid=4108554671110810&tmod=1160325905&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=HRz8ZltxW9&p=https%3A//ipsnews.net&dtd=38
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 172
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 May 2023 07:09:32 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0401 1 KB
643 B 39ms
38ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 43919
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 19:00:25 GMT
etag: 48472445140208031
expires: Thu, 04 May 2023 19:00:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 51D1 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 306e41ab3a8fbea16bc9009b3b45901ff4f63c75d770216d64c24e1bbc9ad962

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK request.php Show response
hal900020.redintelligence.net/ Frame 8C47 3 KB
1 KB 155ms
117ms Script
application/x-javascript 178.63.52.121

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900020.redintelligence.net/request.php?zone=yrsa821xsiee&nw=20&renderingType=javascript&namespace=d688d9124b&subid=&uid=3a20cb9807eb94ba&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dyt738aPC38533p9bwRHhHw%26exch_seat%3D20035004448%26mt_aid%3D654745797162246547%26mt_id%3D6622327%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D91026453-5ad8-4e01-b1e3-e185a75e9ced%26mt_cid%3D91026453-5ad8-4e01-b1e3-e185a75e9ced%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCt_Ar1VpTZK-4KZ-tkdUPjY6WuArPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NDEyMTE3NDY3MjI5NDM1yAEJqAMBqgTXAk_QS53ycH6q9pQ7Fl1F4t9fp6X2mbEg76osTtf2KT38OUTTMVb_ACKqvNwYV33lP20LWFrGhZONRYjjuzQQlhq_3cMywvkdguNMUe3LlWe62E6yl2g_ie5nWW3fVM4-z3UpZIkZC3yxBI5PuUtVqRQ1rkLqAbts1CuTAFsQj3x5t-ZhgFwv1ZT-5ekFS7jQqvsqwIrwURq7nvr5Y8_wGqBhY-emtr1JscbNJDjDDz0Pbpz5FKqjmVMBVFRE6NLS8D4KCSj1fY5oMOoLcPppSPrGZk-AubZHCJs6-lQR8nW864G-gJ4Gc5NDx8eManr2bmr2Ds_QEmCDoc_YfMVbLn7YFETOrhN98wDajysknHAHlRgAKt1JbfIt0NdQhu3jzHmNh3sjY-NReY_MCkmeuknHvxht_42siAeSkkiennVYU3KwTmOJ86gtjCUZ2DnqVHTjrVhsHuuABrPp9fjfzMC4uQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3hyaCfgC1FJWTiwC8cA4z-sl3v8g%2526client%253Dca-pub-6412117467229435%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6412117467229435%26output%3Dhtml%26h%3D600%26adk%3D1179306731%26adf%3D1549132715%26pi%3Dt.aa~a.1596287903~rp.4%26w%3D300%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1683184341%26rafmt%3D1%26to%3Dqs%26pwprc%3D2587445467%26format%3D300x600%26url%3Dhttps%253A%252F%252Fipsnews.net%252Fbusiness%252F2022%252F01%252F30%252Flifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1683184341620%26bpp%3D1%26bdt%3D3930%26idt%3D-M%26shv%3Dr20230502%26mjsv%3Dm202304270101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Da8bbdb08e4147e5f-22177a8882df0083%253AT%253D1683184339%253ART%253D1683184339%253AS%253DALNI_Mb9pQXMaEMn_cMJgI7iHU5a_8nl3A%26gpic%3DUID%253D00000bf531c999a3%253AT%253D1683184339%253ART%253D1683184339%253AS%253DALNI_MYSLwq-Q8rz9m_Dekl25fuRtR8yEA%26prev_fmts%3D0x0%252C1200x280%26nras%3D3%26correlator%3D1844371234189%26frm%3D20%26pv%3D1%26ga_vid%3D660110418.1683184339%26ga_sid%3D1683184339%26ga_hid%3D700711020%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D990%26ady%3D1786%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759837%252C44759926%252C44773810%252C44788441%252C44789925%26oid%3D2%26psts%3DABHeCvjyXtovpfdjv5xUFRgOH4zwNmIyihbiQQx4kp5_8xMrbRqasMjW-z4KdfWqvCfreGPf-REdLrs-4KSrfC3UxU6YzOEb%26pvsid%3D4108554671110810%26tmod%3D1160325905%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D3%26uci%3Da!3%26btvi%3D1%26fsb%3D1%26xpc%3DfrlZhSNZM0%26p%3Dhttps%253A%2F%2Fipsnews.net%26dtd%3D13&ancestorOrigins=null&random=2906696015470&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/yrsa821xsiee?subid=&gdpr=1&gdpr_consent=li&rnd=654745797162246547&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dyt738aPC38533p9bwRHhHw%26exch_seat%3D20035004448%26mt_aid%3D654745797162246547%26mt_id%3D6622327%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D91026453-5ad8-4e01-b1e3-e185a75e9ced%26mt_cid%3D91026453-5ad8-4e01-b1e3-e185a75e9ced%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCt_Ar1VpTZK-4KZ-tkdUPjY6WuArPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NDEyMTE3NDY3MjI5NDM1yAEJqAMBqgTXAk_QS53ycH6q9pQ7Fl1F4t9fp6X2mbEg76osTtf2KT38OUTTMVb_ACKqvNwYV33lP20LWFrGhZONRYjjuzQQlhq_3cMywvkdguNMUe3LlWe62E6yl2g_ie5nWW3fVM4-z3UpZIkZC3yxBI5PuUtVqRQ1rkLqAbts1CuTAFsQj3x5t-ZhgFwv1ZT-5ekFS7jQqvsqwIrwURq7nvr5Y8_wGqBhY-emtr1JscbNJDjDDz0Pbpz5FKqjmVMBVFRE6NLS8D4KCSj1fY5oMOoLcPppSPrGZk-AubZHCJs6-lQR8nW864G-gJ4Gc5NDx8eManr2bmr2Ds_QEmCDoc_YfMVbLn7YFETOrhN98wDajysknHAHlRgAKt1JbfIt0NdQhu3jzHmNh3sjY-NReY_MCkmeuknHvxht_42siAeSkkiennVYU3KwTmOJ86gtjCUZ2DnqVHTjrVhsHuuABrPp9fjfzMC4uQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3hyaCfgC1FJWTiwC8cA4z-sl3v8g%2526client%253Dca-pub-6412117467229435%2526adurl%253D%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: a445d5af49378ed348958a23f65a86fa841d214f64c3e5c2c6a9fe01a856ec0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 May 2023 07:12:24 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 69670900037134600951401012314020
Connection: close
Content-Length: 1074
Expires: Thu, 04 May 2023 08:12:24 +0200

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 18C4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

44ms
44ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 May 2023 07:12:24 GMT
expires: Thu, 04 May 2023 07:12:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 May 2023 07:12:24 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 0401 0
104 B 141ms
66ms Image
text/plain 2a02:fa8:8806:13::1370

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFYnRyTKcCPrRCtm0d7pcfc&google_cver=1&google_push=ATf1kGNX5ALkGbC8wANKXAFkHBEDGBSTb7bsF78s2iRcQOdijrcvT4NQ77aNgDthb-cmyTJZhSQqQCQqTk6CIbBqZF-VgHHHyBM_Mak
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6412117467229435&output=html&h=240&adk=27255752&adf=1123737134&pi=t.aa~a.2004663329~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1683184341&rafmt=1&to=qs&pwprc=2587445467&format=300x240&url=https%3A%2F%2Fipsnews.net%2Fbusiness%2F2022%2F01%2F30%2Flifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683184341620&bpp=1&bdt=3931&idt=1&shv=r20230502&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da8bbdb08e4147e5f-22177a8882df0083%3AT%3D1683184339%3ART%3D1683184339%3AS%3DALNI_Mb9pQXMaEMn_cMJgI7iHU5a_8nl3A&gpic=UID%3D00000bf531c999a3%3AT%3D1683184339%3ART%3D1683184339%3AS%3DALNI_MYSLwq-Q8rz9m_Dekl25fuRtR8yEA&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=1844371234189&frm=20&pv=1&ga_vid=660110418.1683184339&ga_sid=1683184339&ga_hid=700711020&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=3951&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44773810%2C44788441%2C44789925&oid=2&psts=ABHeCvjyXtovpfdjv5xUFRgOH4zwNmIyihbiQQx4kp5_8xMrbRqasMjW-z4KdfWqvCfreGPf-REdLrs-4KSrfC3UxU6YzOEb&pvsid=4108554671110810&tmod=1160325905&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=HRz8ZltxW9&p=https%3A//ipsnews.net&dtd=38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 May 2023 07:12:24 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0401
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHYYtwTSMy7kQ0cuagPkRUI&google_push=ATf1kGMiKlAIYKhaLP3NB3Gfsn-oRSUJJhaEKX-_WoboTAZO5Fi61h4wH0...

170 B
232 B

49ms
48ms

Image
image/png

172.217.18.2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHYYtwTSMy7kQ0cuagPkRUI&google_push=ATf1kGMiKlAIYKhaLP3NB3Gfsn-oRSUJJhaEKX-_WoboTAZO5Fi61h4wH0As9bTDjwNf6r5xm-OUa_D02aKiSDhFFRTHXtRq2s3SrXo

Requested by

Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/

Protocol

Server

172.217.18.2 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 May 2023 07:12:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230113-FRA
pragma: no-cache
date: Thu, 04 May 2023 07:12:24 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1683184344.278737,VS0,VE89
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHYYtwTSMy7kQ0cuagPkRUI&google_push=ATf1kGMiKlAIYKhaLP3NB3Gfsn-oRSUJJhaEKX-_WoboTAZO5Fi61h4wH0As9bTDjwNf6r5xm-OUa_D02aKiSDhFFRTHXtRq2s3SrXo
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0401
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEJuuWQ62U1mKHQ6U27BtrUA&google_cver=1&google_push=ATf1kGMd5gYvy3Vi5AsbILhSoTZi9xYEuCg2258sPoUOdydXU7pMnhhcufr6oAi6TxWgGw-U0TMiyDBVtuj4XeBx0FbqKnSoWC3a7Gw
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=17A8047F59E64A899C6CE336ECB67BC9&google_push=ATf1kGMd5gYvy3Vi5AsbILhSoTZi9xYEuCg2258sPoUOdydXU7pMnhhcufr6oAi6TxWgGw-U0TMiyDBVtuj4XeB...

170 B
232 B

82ms
49ms

Image
image/png

172.217.18.2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=17A8047F59E64A899C6CE336ECB67BC9&google_push=ATf1kGMd5gYvy3Vi5AsbILhSoTZi9xYEuCg2258sPoUOdydXU7pMnhhcufr6oAi6TxWgGw-U0TMiyDBVtuj4XeBx0FbqKnSoWC3a7Gw

Requested by

Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/

Protocol

Server

172.217.18.2 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 May 2023 07:12:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 04 May 2023 07:12:24 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=17A8047F59E64A899C6CE336ECB67BC9&google_push=ATf1kGMd5gYvy3Vi5AsbILhSoTZi9xYEuCg2258sPoUOdydXU7pMnhhcufr6oAi6TxWgGw-U0TMiyDBVtuj4XeBx0FbqKnSoWC3a7Gw
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 03 May 2023 07:12:24 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0401
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESECOoeElb_Y3ePa5_XThRgk8&google_cver=1&google_push=ATf1kGMsd6zEZgmHtx7dNal_7Imhqw90VFweCmCvFJYQ7TiLpyXSpYOgQX-OZQEKqnFpcxqcNvRVJqUw1_3e0bDR...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=GAYqC4n2T0u8q4hMMz2g3w2&google_push=ATf1kGMsd6zEZgmHtx7dNal_7Imhqw90VFweCmCvFJYQ7TiLpyXSpYOgQX-OZQEKqnFpcxqcNvRVJqUw1_3e0bDREQzUVrSH9ZVJehE

170 B
329 B

84ms
49ms

Image
image/png

172.217.18.2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=GAYqC4n2T0u8q4hMMz2g3w2&google_push=ATf1kGMsd6zEZgmHtx7dNal_7Imhqw90VFweCmCvFJYQ7TiLpyXSpYOgQX-OZQEKqnFpcxqcNvRVJqUw1_3e0bDREQzUVrSH9ZVJehE

Requested by

Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/

Protocol

Server

172.217.18.2 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 May 2023 07:12:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 04 May 2023 07:12:24 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=GAYqC4n2T0u8q4hMMz2g3w2&google_push=ATf1kGMsd6zEZgmHtx7dNal_7Imhqw90VFweCmCvFJYQ7TiLpyXSpYOgQX-OZQEKqnFpcxqcNvRVJqUw1_3e0bDREQzUVrSH9ZVJehE
x-host: tde-deliveryengine-production-797dcffc79-wt5ht
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET

sync
x.bidswitch.net/ul_cb/ Frame 0401
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEN__sjBXOA0ZLQONgSdYM-M&google_cver=1&google_push=ATf1kGPubINbV7hMLeIF3Sti9TkpN0OrTur4a-YROJtdthUPJ3GTv8nu0ARwZh5dJ1rBPoWU2ySrOyLUg_CTt4i-iPhQ...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEN__sjBXOA0ZLQONgSdYM-M&google_cver=1&google_push=ATf1kGPubINbV7hMLeIF3Sti9TkpN0OrTur4a-YROJtdthUPJ3GTv8nu0ARwZh5dJ1rBPoWU2ySrOyLUg_CTt4...

0
0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0401
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIRIRl9Di7FeTEeWzCOGcKY&google_cver=1&google_push=ATf1kGOwCq1xhieop3DUer7fwAEhTBTxRNvFF6VcIfoUz9AJjHtJY8qixzNsRUd40MtR5eKpyKwYvD7l7pIr-XegKnR0GhZ...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOwCq1xhieop3DUer7fwAEhTBTxRNvFF6VcIfoUz9AJjHtJY8qixzNsRUd40MtR5eKpyKwYvD7l7pIr-XegKnR0GhZW_xbUIdg&google_hm=eS1xaWRhaHhSRTJwR1B...

170 B
232 B

49ms
49ms

Image
image/png

172.217.18.2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOwCq1xhieop3DUer7fwAEhTBTxRNvFF6VcIfoUz9AJjHtJY8qixzNsRUd40MtR5eKpyKwYvD7l7pIr-XegKnR0GhZW_xbUIdg&google_hm=eS1xaWRhaHhSRTJwR1BuWmFGYTJkNnhicU9LY2pxcS40U35B

Requested by

Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/

Protocol

Server

172.217.18.2 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 May 2023 07:12:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 04 May 2023 07:12:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOwCq1xhieop3DUer7fwAEhTBTxRNvFF6VcIfoUz9AJjHtJY8qixzNsRUd40MtR5eKpyKwYvD7l7pIr-XegKnR0GhZW_xbUIdg&google_hm=eS1xaWRhaHhSRTJwR1BuWmFGYTJkNnhicU9LY2pxcS40U35B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0401
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESED06xrvehr6n0M8f6aP4hXU&google_cver=1&google_push=ATf1kGNALPo6B0_qdinft26fISZxMRy8jWB2nyfgsDazLhmXt8_6yMz_DFQBJgjvzxed8j5eM3PkMVQz...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESED06xrvehr6n0M8f6aP4hXU&google_cver=1&google_push=ATf1kGNALPo6B0_qdinft26fISZxMRy8jWB2nyfgsDazLhmXt8_6yMz_DFQBJgjvzxed8j5eM3P...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODg4NDk0MTE0ODY0NTg0MDE0NA&google_push=ATf1kGNALPo6B0_qdinft26fISZxMRy8jWB2nyfgsDazLhmXt8_6yMz_DFQBJgjvzxed8j5eM3PkMV...

170 B
232 B

50ms
49ms

Image
image/png

172.217.18.2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODg4NDk0MTE0ODY0NTg0MDE0NA&google_push=ATf1kGNALPo6B0_qdinft26fISZxMRy8jWB2nyfgsDazLhmXt8_6yMz_DFQBJgjvzxed8j5eM3PkMVQzwCZVYe8Rs-G5e3vF9nJwWnQ

Requested by

Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/

Protocol

Server

172.217.18.2 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 May 2023 07:12:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 04 May 2023 07:12:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODg4NDk0MTE0ODY0NTg0MDE0NA&google_push=ATf1kGNALPo6B0_qdinft26fISZxMRy8jWB2nyfgsDazLhmXt8_6yMz_DFQBJgjvzxed8j5eM3PkMVQzwCZVYe8Rs-G5e3vF9nJwWnQ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 0401 0
130 B 145ms
46ms Image
text/html 172.217.18.2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KmiQU5UAD2syGea-olveneRDitqbRHk_mx7-_4Z8UZG801PYXCOp8rMqH_6owMFIv3jXps

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 07:12:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 790E 37 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e6d7ff7829bfa422d2a4f4151f62fa9281e974763c8089c52766f64bcc1ba64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 18:24:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132474
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14581
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 May 2024 18:24:30 GMT

GET
H2 200 / Show response
adv.office-partner.de/ Frame 567E 930 B
931 B 42ms
7ms Document
text/html 2a0b:4d07:102::1

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request.php?zone=yrsa821xsiee&nw=20&renderingType=javascript&namespace=d688d9124b&subid=&uid=3a20cb9807eb94ba&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dyt738aPC38533p9bwRHhHw%26exch_seat%3D20035004448%26mt_aid%3D654745797162246547%26mt_id%3D6622327%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D91026453-5ad8-4e01-b1e3-e185a75e9ced%26mt_cid%3D91026453-5ad8-4e01-b1e3-e185a75e9ced%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCt_Ar1VpTZK-4KZ-tkdUPjY6WuArPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NDEyMTE3NDY3MjI5NDM1yAEJqAMBqgTXAk_QS53ycH6q9pQ7Fl1F4t9fp6X2mbEg76osTtf2KT38OUTTMVb_ACKqvNwYV33lP20LWFrGhZONRYjjuzQQlhq_3cMywvkdguNMUe3LlWe62E6yl2g_ie5nWW3fVM4-z3UpZIkZC3yxBI5PuUtVqRQ1rkLqAbts1CuTAFsQj3x5t-ZhgFwv1ZT-5ekFS7jQqvsqwIrwURq7nvr5Y8_wGqBhY-emtr1JscbNJDjDDz0Pbpz5FKqjmVMBVFRE6NLS8D4KCSj1fY5oMOoLcPppSPrGZk-AubZHCJs6-lQR8nW864G-gJ4Gc5NDx8eManr2bmr2Ds_QEmCDoc_YfMVbLn7YFETOrhN98wDajysknHAHlRgAKt1JbfIt0NdQhu3jzHmNh3sjY-NReY_MCkmeuknHvxht_42siAeSkkiennVYU3KwTmOJ86gtjCUZ2DnqVHTjrVhsHuuABrPp9fjfzMC4uQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3hyaCfgC1FJWTiwC8cA4z-sl3v8g%2526client%253Dca-pub-6412117467229435%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6412117467229435%26output%3Dhtml%26h%3D600%26adk%3D1179306731%26adf%3D1549132715%26pi%3Dt.aa~a.1596287903~rp.4%26w%3D300%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1683184341%26rafmt%3D1%26to%3Dqs%26pwprc%3D2587445467%26format%3D300x600%26url%3Dhttps%253A%252F%252Fipsnews.net%252Fbusiness%252F2022%252F01%252F30%252Flifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1683184341620%26bpp%3D1%26bdt%3D3930%26idt%3D-M%26shv%3Dr20230502%26mjsv%3Dm202304270101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Da8bbdb08e4147e5f-22177a8882df0083%253AT%253D1683184339%253ART%253D1683184339%253AS%253DALNI_Mb9pQXMaEMn_cMJgI7iHU5a_8nl3A%26gpic%3DUID%253D00000bf531c999a3%253AT%253D1683184339%253ART%253D1683184339%253AS%253DALNI_MYSLwq-Q8rz9m_Dekl25fuRtR8yEA%26prev_fmts%3D0x0%252C1200x280%26nras%3D3%26correlator%3D1844371234189%26frm%3D20%26pv%3D1%26ga_vid%3D660110418.1683184339%26ga_sid%3D1683184339%26ga_hid%3D700711020%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D990%26ady%3D1786%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759837%252C44759926%252C44773810%252C44788441%252C44789925%26oid%3D2%26psts%3DABHeCvjyXtovpfdjv5xUFRgOH4zwNmIyihbiQQx4kp5_8xMrbRqasMjW-z4KdfWqvCfreGPf-REdLrs-4KSrfC3UxU6YzOEb%26pvsid%3D4108554671110810%26tmod%3D1160325905%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D3%26uci%3Da!3%26btvi%3D1%26fsb%3D1%26xpc%3DfrlZhSNZM0%26p%3Dhttps%253A%2F%2Fipsnews.net%26dtd%3D13&ancestorOrigins=null&random=2906696015470&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 -, , ASN (),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Thu, 04 May 2023 07:12:24 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Thu, 11 May 2023 07:12:24 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2

200

htlp Show response
futalis.de/ Frame ABF1
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=69670900037134600951401012314020&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2681429343

350 B
401 B

46ms
10ms

Document
text/html

167.233.14.134

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2681429343
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request.php?zone=yrsa821xsiee&nw=20&renderingType=javascript&namespace=d688d9124b&subid=&uid=3a20cb9807eb94ba&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dyt738aPC38533p9bwRHhHw%26exch_seat%3D20035004448%26mt_aid%3D654745797162246547%26mt_id%3D6622327%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D91026453-5ad8-4e01-b1e3-e185a75e9ced%26mt_cid%3D91026453-5ad8-4e01-b1e3-e185a75e9ced%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCt_Ar1VpTZK-4KZ-tkdUPjY6WuArPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NDEyMTE3NDY3MjI5NDM1yAEJqAMBqgTXAk_QS53ycH6q9pQ7Fl1F4t9fp6X2mbEg76osTtf2KT38OUTTMVb_ACKqvNwYV33lP20LWFrGhZONRYjjuzQQlhq_3cMywvkdguNMUe3LlWe62E6yl2g_ie5nWW3fVM4-z3UpZIkZC3yxBI5PuUtVqRQ1rkLqAbts1CuTAFsQj3x5t-ZhgFwv1ZT-5ekFS7jQqvsqwIrwURq7nvr5Y8_wGqBhY-emtr1JscbNJDjDDz0Pbpz5FKqjmVMBVFRE6NLS8D4KCSj1fY5oMOoLcPppSPrGZk-AubZHCJs6-lQR8nW864G-gJ4Gc5NDx8eManr2bmr2Ds_QEmCDoc_YfMVbLn7YFETOrhN98wDajysknHAHlRgAKt1JbfIt0NdQhu3jzHmNh3sjY-NReY_MCkmeuknHvxht_42siAeSkkiennVYU3KwTmOJ86gtjCUZ2DnqVHTjrVhsHuuABrPp9fjfzMC4uQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3hyaCfgC1FJWTiwC8cA4z-sl3v8g%2526client%253Dca-pub-6412117467229435%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6412117467229435%26output%3Dhtml%26h%3D600%26adk%3D1179306731%26adf%3D1549132715%26pi%3Dt.aa~a.1596287903~rp.4%26w%3D300%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1683184341%26rafmt%3D1%26to%3Dqs%26pwprc%3D2587445467%26format%3D300x600%26url%3Dhttps%253A%252F%252Fipsnews.net%252Fbusiness%252F2022%252F01%252F30%252Flifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1683184341620%26bpp%3D1%26bdt%3D3930%26idt%3D-M%26shv%3Dr20230502%26mjsv%3Dm202304270101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Da8bbdb08e4147e5f-22177a8882df0083%253AT%253D1683184339%253ART%253D1683184339%253AS%253DALNI_Mb9pQXMaEMn_cMJgI7iHU5a_8nl3A%26gpic%3DUID%253D00000bf531c999a3%253AT%253D1683184339%253ART%253D1683184339%253AS%253DALNI_MYSLwq-Q8rz9m_Dekl25fuRtR8yEA%26prev_fmts%3D0x0%252C1200x280%26nras%3D3%26correlator%3D1844371234189%26frm%3D20%26pv%3D1%26ga_vid%3D660110418.1683184339%26ga_sid%3D1683184339%26ga_hid%3D700711020%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D990%26ady%3D1786%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759837%252C44759926%252C44773810%252C44788441%252C44789925%26oid%3D2%26psts%3DABHeCvjyXtovpfdjv5xUFRgOH4zwNmIyihbiQQx4kp5_8xMrbRqasMjW-z4KdfWqvCfreGPf-REdLrs-4KSrfC3UxU6YzOEb%26pvsid%3D4108554671110810%26tmod%3D1160325905%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D3%26uci%3Da!3%26btvi%3D1%26fsb%3D1%26xpc%3DfrlZhSNZM0%26p%3Dhttps%253A%2F%2Fipsnews.net%26dtd%3D13&ancestorOrigins=null&random=2906696015470&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.233.14.134 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Thu, 04 May 2023 07:12:24 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2681429343
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H2 200 link.html Show response
track.webgains.com/ Frame 8C47 2 KB
2 KB 132ms
71ms Script
text/html 35.178.52.145

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=69670900037134600951401012314020&nw=1
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/01/30/lifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.178.52.145 -, , ASN (),
Reverse DNS
Software: nginx / PHP/7.4.26
Resource Hash: bb0c753f57b572de7809305366e15bb8a8d3d02e8cf384ff614619a220a9f6e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 07:12:24 GMT
last-modified: Thu, 04 May 2023 07:12:24 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 04 May 2023 07:13:24 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900020.redintelligence.net/ Frame 67CA 7 KB
2 KB 33ms
11ms Document
text/html 178.63.52.121

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900020.redintelligence.net/request_content.php?s=69670900037134600951401012314020&a=7c62663d
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request.php?zone=yrsa821xsiee&nw=20&renderingType=javascript&namespace=d688d9124b&subid=&uid=3a20cb9807eb94ba&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dyt738aPC38533p9bwRHhHw%26exch_seat%3D20035004448%26mt_aid%3D654745797162246547%26mt_id%3D6622327%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D91026453-5ad8-4e01-b1e3-e185a75e9ced%26mt_cid%3D91026453-5ad8-4e01-b1e3-e185a75e9ced%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCt_Ar1VpTZK-4KZ-tkdUPjY6WuArPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NDEyMTE3NDY3MjI5NDM1yAEJqAMBqgTXAk_QS53ycH6q9pQ7Fl1F4t9fp6X2mbEg76osTtf2KT38OUTTMVb_ACKqvNwYV33lP20LWFrGhZONRYjjuzQQlhq_3cMywvkdguNMUe3LlWe62E6yl2g_ie5nWW3fVM4-z3UpZIkZC3yxBI5PuUtVqRQ1rkLqAbts1CuTAFsQj3x5t-ZhgFwv1ZT-5ekFS7jQqvsqwIrwURq7nvr5Y8_wGqBhY-emtr1JscbNJDjDDz0Pbpz5FKqjmVMBVFRE6NLS8D4KCSj1fY5oMOoLcPppSPrGZk-AubZHCJs6-lQR8nW864G-gJ4Gc5NDx8eManr2bmr2Ds_QEmCDoc_YfMVbLn7YFETOrhN98wDajysknHAHlRgAKt1JbfIt0NdQhu3jzHmNh3sjY-NReY_MCkmeuknHvxht_42siAeSkkiennVYU3KwTmOJ86gtjCUZ2DnqVHTjrVhsHuuABrPp9fjfzMC4uQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3hyaCfgC1FJWTiwC8cA4z-sl3v8g%2526client%253Dca-pub-6412117467229435%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6412117467229435%26output%3Dhtml%26h%3D600%26adk%3D1179306731%26adf%3D1549132715%26pi%3Dt.aa~a.1596287903~rp.4%26w%3D300%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1683184341%26rafmt%3D1%26to%3Dqs%26pwprc%3D2587445467%26format%3D300x600%26url%3Dhttps%253A%252F%252Fipsnews.net%252Fbusiness%252F2022%252F01%252F30%252Flifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1683184341620%26bpp%3D1%26bdt%3D3930%26idt%3D-M%26shv%3Dr20230502%26mjsv%3Dm202304270101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Da8bbdb08e4147e5f-22177a8882df0083%253AT%253D1683184339%253ART%253D1683184339%253AS%253DALNI_Mb9pQXMaEMn_cMJgI7iHU5a_8nl3A%26gpic%3DUID%253D00000bf531c999a3%253AT%253D1683184339%253ART%253D1683184339%253AS%253DALNI_MYSLwq-Q8rz9m_Dekl25fuRtR8yEA%26prev_fmts%3D0x0%252C1200x280%26nras%3D3%26correlator%3D1844371234189%26frm%3D20%26pv%3D1%26ga_vid%3D660110418.1683184339%26ga_sid%3D1683184339%26ga_hid%3D700711020%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D990%26ady%3D1786%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759837%252C44759926%252C44773810%252C44788441%252C44789925%26oid%3D2%26psts%3DABHeCvjyXtovpfdjv5xUFRgOH4zwNmIyihbiQQx4kp5_8xMrbRqasMjW-z4KdfWqvCfreGPf-REdLrs-4KSrfC3UxU6YzOEb%26pvsid%3D4108554671110810%26tmod%3D1160325905%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D3%26uci%3Da!3%26btvi%3D1%26fsb%3D1%26xpc%3DfrlZhSNZM0%26p%3Dhttps%253A%2F%2Fipsnews.net%26dtd%3D13&ancestorOrigins=null&random=2906696015470&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 1df0638408f4ae4faa73f00070b5ecac7c9c8c100dc6940d39e8d2c0ad517867

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2018
Content-Type: text/html; charset=utf-8
Date: Thu, 04 May 2023 07:12:24 GMT
Expires: Thu, 04 May 2023 08:12:24 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 8C47 43 B
704 B 97ms
73ms Image
image/gif 23.210.125.176

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338577&v=11830&q=357066&r=296283&pref1=69670900037134600951401012314020&pv=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.210.125.176 -, , ASN (),

Reverse DNS

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 May 2023 07:12:24 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame ABCE 1 KB
643 B 38ms
37ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 43919
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 19:00:25 GMT
etag: 48472445140208031
expires: Thu, 04 May 2023 19:00:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8C47 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 61f98ead5d205125c9f4f5169c2dd0c274b6dd5f69dfc214cc05c7d5566356b9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 67CA 5 KB
673 B 45ms
44ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=69670900037134600951401012314020&a=7c62663d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7bc65b9b935eee5be74ed156fd16e55e9bbfd127cd3341208e7d4fc64addc1cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 04 May 2023 07:12:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 04 May 2023 06:15:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 May 2023 07:12:24 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 67CA 81 KB
81 KB 37ms
13ms Image
image/png 144.76.238.55

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=69670900037134600951401012314020&a=7c62663d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b3de15478cace2ea1abcec6d52dfe03357984745b8b5eaee9bbbfdf170e7a1f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Thu, 04 May 2023 07:12:24 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 67CA 69 KB
69 KB 186ms
163ms Image
image/png 144.76.238.55

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=69670900037134600951401012314020&a=7c62663d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 7ea05d2ca51bb7b26bcf9b916416b897696610484c6e6d1f612d80ad2bb21a43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Thu, 04 May 2023 07:12:24 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 67CA 101 KB
101 KB 185ms
163ms Image
image/png 144.76.238.55

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/32783/creativesup/1200x627-1.jpg
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=69670900037134600951401012314020&a=7c62663d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 0387f6465ce0884780f082ca165b8c408f4d0bad380f52c6360dd3c43fb4c2f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Thu, 04 May 2023 07:12:24 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/png

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame ABF1 5 KB
5 KB 10ms
10ms Script
application/javascript 2a01:4f8:d0a:2321::2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2681429343
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 07:12:24 GMT
last-modified: Wed, 05 Apr 2023 20:14:46 GMT
server: Apache
etag: "1416-5f89c717cdc2f"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5142

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 567E 107 KB
41 KB 47ms
47ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0bb12c9c2a013427a3fe71f0c0b438e82ac11d1f564d7fec08b08c782d69e00c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 07:12:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42262
x-xss-protection: 0
last-modified: Thu, 04 May 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 May 2023 07:12:24 GMT

GET
H/1.1 200
OK viewability Show response
hal900020.redintelligence.net/ Frame 67CA 0
150 B 34ms
12ms Script
text/html 178.63.52.121

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900020.redintelligence.net/viewability?s=69670900037134600951401012314020&a=a9b5bad5&vb=m
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=69670900037134600951401012314020&a=7c62663d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/request_content.php?s=69670900037134600951401012314020&a=7c62663d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Thu, 04 May 2023 07:12:24 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame ABCE
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDuSpfPsJqAJ3y0PUckU8XY&google_cver=1&google_push=ATf1kGPMUzXT1PJrLN80pgE7VHFoF2h-8RUXCtlmPs81qXbhkkRUiLImm-9S2JorStLrqL8TxJCpsaAnE2OSvdRFN-mxmlSXEmrT2...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjg4MTU1ODc3Mjc0OTQ2Mjc2Mw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDuSpfPsJqAJ3y0PUckU8XY&google_cver=1

43 B
398 B

50ms
14ms

Image
image/gif

2001:678:cb4:bbbb::11

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDuSpfPsJqAJ3y0PUckU8XY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6412117467229435&output=html&h=600&adk=1179306731&adf=1549132715&pi=t.aa~a.1596287903~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1683184341&rafmt=1&to=qs&pwprc=2587445467&format=300x600&url=https%3A%2F%2Fipsnews.net%2Fbusiness%2F2022%2F01%2F30%2Flifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683184341620&bpp=1&bdt=3930&idt=-M&shv=r20230502&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da8bbdb08e4147e5f-22177a8882df0083%3AT%3D1683184339%3ART%3D1683184339%3AS%3DALNI_Mb9pQXMaEMn_cMJgI7iHU5a_8nl3A&gpic=UID%3D00000bf531c999a3%3AT%3D1683184339%3ART%3D1683184339%3AS%3DALNI_MYSLwq-Q8rz9m_Dekl25fuRtR8yEA&prev_fmts=0x0%2C1200x280&nras=3&correlator=1844371234189&frm=20&pv=1&ga_vid=660110418.1683184339&ga_sid=1683184339&ga_hid=700711020&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=1786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44773810%2C44788441%2C44789925&oid=2&psts=ABHeCvjyXtovpfdjv5xUFRgOH4zwNmIyihbiQQx4kp5_8xMrbRqasMjW-z4KdfWqvCfreGPf-REdLrs-4KSrfC3UxU6YzOEb&pvsid=4108554671110810&tmod=1160325905&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=frlZhSNZM0&p=https%3A//ipsnews.net&dtd=13
Protocol: H2
Server: 2001:678:cb4:bbbb::11 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 04 May 2023 07:12:23 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 04 May 2023 07:12:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDuSpfPsJqAJ3y0PUckU8XY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame ABCE 35 B
464 B 42ms
8ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKVQ9Uipk1caVKer2tH29OM&google_cver=1&google_push=ATf1kGOiexcOXFL5dnFUpz91Rji_CqVUdHW7uvXLmFH2zEsqoYFHbthEi-LXJVK0cmpu8ci9-UVBmriIIunSrESZ1CobCkgDXMkNp9oJJ0kbBphvhu9H6aBy8ZTIugKFdZOCbDuL9X6T3z-5SA

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 -, , ASN (),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 May 2023 07:12:24 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ABCE
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDxCY6gDMLm_tyAORV70t_U&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDxCY6gDMLm_tyAORV70t_U&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MGZYS0RSdEsxUFV0OEE1&google_gid=CAESEDxCY6gDMLm_tyAORV70t_U&google_cver=1&google_push=ATf1kGMn39seRGVeLKaFCtIyg2O03SGg_Ug6OgmOw6ENwh4...

170 B
188 B

49ms
48ms

Image
image/png

172.217.18.2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MGZYS0RSdEsxUFV0OEE1&google_gid=CAESEDxCY6gDMLm_tyAORV70t_U&google_cver=1&google_push=ATf1kGMn39seRGVeLKaFCtIyg2O03SGg_Ug6OgmOw6ENwh4gg7wcpxRXiGmxxrj5EWS_VQm0R3tVymU16fFsbRTvJukFb2DgQx3UbuqOsqWPgcgk6o39gufGTHBjtIb23qT8tvTREOaV48fmmQ

Requested by

Protocol

Server

172.217.18.2 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 May 2023 07:12:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 04 May 2023 07:12:23 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-775-g5f74e41#rel-ec2-master i-05bcdf9d4cddcb229@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MGZYS0RSdEsxUFV0OEE1&google_gid=CAESEDxCY6gDMLm_tyAORV70t_U&google_cver=1&google_push=ATf1kGMn39seRGVeLKaFCtIyg2O03SGg_Ug6OgmOw6ENwh4gg7wcpxRXiGmxxrj5EWS_VQm0R3tVymU16fFsbRTvJukFb2DgQx3UbuqOsqWPgcgk6o39gufGTHBjtIb23qT8tvTREOaV48fmmQ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame ABCE
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESECOoeElb_Y3ePa5_XThRgk8&google_cver=1&google_push=ATf1kGNmPcQxTSDVkR1agbzECl9hYiXJ02itXz-POGIXvfi1B1Ih_pi8bABy35Iu16iExSwNXDjaJ2SiY8P-Poew...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=GAYqC4n2T0u8q4hMMz2g3w2&google_push=ATf1kGNmPcQxTSDVkR1agbzECl9hYiXJ02itXz-POGIXvfi1B1Ih_pi8bABy35Iu16iExSwNXDjaJ2SiY8P-Poewz4E8Dk-VmwCqUg...

170 B
232 B

48ms
48ms

Image
image/png

172.217.18.2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=GAYqC4n2T0u8q4hMMz2g3w2&google_push=ATf1kGNmPcQxTSDVkR1agbzECl9hYiXJ02itXz-POGIXvfi1B1Ih_pi8bABy35Iu16iExSwNXDjaJ2SiY8P-Poewz4E8Dk-VmwCqUg5orLz7wrIMmaEhh8u82PU0wlczuV0y44scWABWF4mVEvM

Requested by

Protocol

Server

172.217.18.2 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 May 2023 07:12:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 04 May 2023 07:12:24 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=GAYqC4n2T0u8q4hMMz2g3w2&google_push=ATf1kGNmPcQxTSDVkR1agbzECl9hYiXJ02itXz-POGIXvfi1B1Ih_pi8bABy35Iu16iExSwNXDjaJ2SiY8P-Poewz4E8Dk-VmwCqUg5orLz7wrIMmaEhh8u82PU0wlczuV0y44scWABWF4mVEvM
x-host: tde-deliveryengine-production-797dcffc79-4lvc7
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame ABCE 43 B
363 B 50ms
14ms Image
image/gif 178.250.1.9

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEMtpN1NE2SzI18yQ2_yI7wA&google_cver=1&google_push=ATf1kGOT1aTqUesNCYXfv-ROe2umhPHi4cCjTNEHFNPJXretdii01P1qcjGK4U0Z6cpZJ9apkaEJrJGe7D3u3GGJH4poFVEgy1awFh_fkPVW9DPacD1zBbQat9bw--ScKDW7O_2ir7G5LU7EMd4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 May 2023 07:12:23 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 220925
expires: Thu, 04 May 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ABCE
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qdX1cnkeRZiQvTlh-Loi4w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

54ms
53ms

Image
image/png

172.217.18.2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qdX1cnkeRZiQvTlh-Loi4w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGNbYkS-73zYKaPBimpIG3mAwi0RgZ67PUB5ZsJv_Jrk_TOL6QeJWzvSHvb1rrsbAFJ6WF5RkwcPDxF_2ieIYYCG6jqOQXMtTHxCFfnbu3DrS0esd5WCTqjHgH9Bo_rxSTTWNs3Rq5e9ZxM

Requested by

Protocol

Server

172.217.18.2 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 May 2023 07:12:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qdX1cnkeRZiQvTlh-Loi4w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGNbYkS-73zYKaPBimpIG3mAwi0RgZ67PUB5ZsJv_Jrk_TOL6QeJWzvSHvb1rrsbAFJ6WF5RkwcPDxF_2ieIYYCG6jqOQXMtTHxCFfnbu3DrS0esd5WCTqjHgH9Bo_rxSTTWNs3Rq5e9ZxM
date: Thu, 04 May 2023 07:12:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ABCE
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELBmmyLq_Dx1yeDsOSdq4e4&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELBmmyLq_Dx1yeDsOSdq4e4&google_push=AT...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELBmmyLq_Dx1yeDsOSdq4e4&google_hm=ZFNa2AVT3HdfVVNGRVLZ6AAADRQAAAAB&google_nid=index&google_push=ATf1kGPtlPzOdtUHhnetz5Rc_WkrRqzPjvD8r...

170 B
188 B

48ms
48ms

Image
image/png

172.217.18.2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELBmmyLq_Dx1yeDsOSdq4e4&google_hm=ZFNa2AVT3HdfVVNGRVLZ6AAADRQAAAAB&google_nid=index&google_push=ATf1kGPtlPzOdtUHhnetz5Rc_WkrRqzPjvD8rZ0KitQBxl-K4uKUGFuQMmtmuv70L1FqMsec2BVHjm8WyRBYWbokbSoyBF8y1zx7Be0Es8ceqEc0DOENgTi9TfqOvqj6rbA-eD319P5n7yHFEw

Requested by

Protocol

Server

172.217.18.2 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 May 2023 07:12:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 04 May 2023 07:12:24 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELBmmyLq_Dx1yeDsOSdq4e4&google_hm=ZFNa2AVT3HdfVVNGRVLZ6AAADRQAAAAB&google_nid=index&google_push=ATf1kGPtlPzOdtUHhnetz5Rc_WkrRqzPjvD8rZ0KitQBxl-K4uKUGFuQMmtmuv70L1FqMsec2BVHjm8WyRBYWbokbSoyBF8y1zx7Be0Es8ceqEc0DOENgTi9TfqOvqj6rbA-eD319P5n7yHFEw
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame ABCE 0
40 B 48ms
47ms Image
text/html 172.217.18.2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I1BZJjBNATerxDExA1_9SdHdhRfNsF9cwjMZGUju_KAcLsi9KNOULshatRbhOBHV_Rwk4o

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 07:12:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 67CA 13 KB
13 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900020.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 06:23:49 GMT
x-content-type-options: nosniff
age: 434915
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 06:23:49 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 67CA 13 KB
13 KB 43ms
42ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900020.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:00:36 GMT
x-content-type-options: nosniff
age: 529908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Apr 2024 04:00:36 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 8C47 85 KB
31 KB 47ms
7ms Script
text/javascript 18.66.147.120

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=69670900037134600951401012314020&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.120 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 05:34:41 GMT
content-encoding: gzip
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 5864
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: UBDcGO3F9BbL7yeNbUL-vxnsltHo8GqBBWYZdIlCe-m4tbhkxqYt8w==

GET
H2 200 1x1_0.png
cdn.track.production.webgains.team/7121/ Frame 8C47 3 KB
3 KB 38ms
7ms Image
image/png 99.86.4.52

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1683184644&Signature=Z5Qlnznk8b~Z5JMApak0XHOb32vVyk2LlaYBuZv3sMhA-nm8p4JcgHI2dKlmuuaauBohunzpiaavBJsczbw7gmicfhMxAFCENYInCVeQsQxLUe0btatqZmUt5jWvUxLbZxEM3~PT94ltJ7KA-dyu8n~AUqASYVDbUEW5fLIcbN4Y6CEpgwxqd3fBYH9Wj1Ebe18XWYTQwYNPbnOou1tpL~1~Lat8d43vZmI2vbgwHjnIcLuEQ~gFBW9yKoBfoYu5uaNJgFBZBtJgYxaENFbKtOaML2GZQl2C3lEoZ2EPMfg3Jp2zovrvuyXk06QaWCEsthLOnLR-6rN5h5aWpGRaxA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6412117467229435&output=html&h=600&adk=1179306731&adf=1549132715&pi=t.aa~a.1596287903~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1683184341&rafmt=1&to=qs&pwprc=2587445467&format=300x600&url=https%3A%2F%2Fipsnews.net%2Fbusiness%2F2022%2F01%2F30%2Flifestyle-keto-reviews-scam-alert-2022-shocking-side-effects-revealed-must-read-before-buy%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683184341620&bpp=1&bdt=3930&idt=-M&shv=r20230502&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da8bbdb08e4147e5f-22177a8882df0083%3AT%3D1683184339%3ART%3D1683184339%3AS%3DALNI_Mb9pQXMaEMn_cMJgI7iHU5a_8nl3A&gpic=UID%3D00000bf531c999a3%3AT%3D1683184339%3ART%3D1683184339%3AS%3DALNI_MYSLwq-Q8rz9m_Dekl25fuRtR8yEA&prev_fmts=0x0%2C1200x280&nras=3&correlator=1844371234189&frm=20&pv=1&ga_vid=660110418.1683184339&ga_sid=1683184339&ga_hid=700711020&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=1786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44773810%2C44788441%2C44789925&oid=2&psts=ABHeCvjyXtovpfdjv5xUFRgOH4zwNmIyihbiQQx4kp5_8xMrbRqasMjW-z4KdfWqvCfreGPf-REdLrs-4KSrfC3UxU6YzOEb&pvsid=4108554671110810&tmod=1160325905&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=frlZhSNZM0&p=https%3A//ipsnews.net&dtd=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.52 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 03 May 2023 18:49:55 GMT
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 67271
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: bjsoP9zR3CVnlHgy1B_ssQY3RNCTouWwCiBLml2JyRHl0hYIxF2ctA==

GET
H2 200 dmedianet.js Show response
contextual.media.net/ 368 B
551 B 15ms
14ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/dmedianet.js?cid=8CU3E02MG

Requested by

Host: ipsnews.net
URL: https://ipsnews.net/business/wp-content/plugins/media-net-ads-manager/js/medianetAdInjector.js?ver=2.10.13

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

f622ffe277936d272b6550fdc08ff27b9a3d6def08d334662c102e1b0a0b9021

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-mnt-h: 21-76z2
strict-transport-security: max-age=31536000
date: Thu, 04 May 2023 07:12:24 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
content-length: 368
expires: Thu, 04 May 2023 07:17:24 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 85ms
85ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230502&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a41dd672f20b2535b01009015fea5cc3326d1324bb123d74b65b087a64f1544f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 07:12:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11187
x-xss-protection: 0

GET
H/1.1 200
OK flping.php
lg3.media.net/ 35 B
338 B 7ms
7ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/flping.php?reason=0&action=16&pid=8PO189A13&gdpr=1&cid=8CU3E02MG&crid=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-228-23.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=21600
Date: Thu, 04 May 2023 07:12:24 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Thu, 04 May 2023 07:12:24 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 07:12:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 04 May 2023 07:12:24 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame ED9C 13 KB
5 KB 37ms
36ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ipsnews.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 615
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 04 May 2023 07:02:09 GMT
expires: Fri, 03 May 2024 07:02:09 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 304A 783 B
536 B 48ms
47ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e8da75f2c5f5db2d3a20c3a449627e279eaebc5ee29ad26fa253315fa258a715

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-92mzh1y27w1mKS5q0rObkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ipsnews.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-92mzh1y27w1mKS5q0rObkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 04 May 2023 07:12:24 GMT
expires: Thu, 04 May 2023 07:12:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js Show response
pagead2.googlesyndication.com/bg/ Frame ED9C 37 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e6d7ff7829bfa422d2a4f4151f62fa9281e974763c8089c52766f64bcc1ba64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 18:24:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132474
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14581
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 May 2024 18:24:30 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 304A 0
0 71ms
71ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230502&jk=4108554671110810&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame ED9C 0
10 B 35ms
35ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?i6Ae0Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 07:12:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEN__sjBXOA0ZLQONgSdYM-M&google_cver=1&google_push=ATf1kGPubINbV7hMLeIF3Sti9TkpN0OrTur4a-YROJtdthUPJ3GTv8nu0ARwZh5dJ1rBPoWU2ySrOyLUg_CTt4i-iPhQ6nz-GwJ6jL8

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.w.ad.style/	1970-01-20 20:18:40	Name: __session Value: 1f4515ae-0842-4254-a97f-d260fe94b1ab
.ipsnews.net/	1970-01-20 21:09:04	Name: _ga Value: GA1.2.660110418.1683184339
.ipsnews.net/	1970-01-20 11:34:30	Name: _gid Value: GA1.2.955528734.1683184339
.ipsnews.net/	1970-01-20 11:33:04	Name: _gat_gtag_UA_361073_1 Value: 1
.ipsnews.net/	1970-01-20 11:33:04	Name: _gat_asTrack Value: 1
.ipsnews.net/	1970-01-20 20:54:40	Name: __gads Value: ID=a8bbdb08e4147e5f-22177a8882df0083:T=1683184339:RT=1683184339:S=ALNI_Mb9pQXMaEMn_cMJgI7iHU5a_8nl3A
.ipsnews.net/	1970-01-20 20:54:40	Name: __gpi Value: UID=00000bf531c999a3:T=1683184339:RT=1683184339:S=ALNI_MYSLwq-Q8rz9m_Dekl25fuRtR8yEA
.w.ad.style/	1970-01-20 20:18:40	Name: __vid Value: [22957,14426,10002]
.doubleclick.net/	1970-01-20 20:54:40	Name: IDE Value: AHWqTUmgFa7jLPiZLFnA9RWPbyVjviEIb7BsgMySGfp8tqJUDERuQ9HhHMr893taRjk
.doubleclick.net/	1970-01-20 11:33:05	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 11:33:07	Name: DSID Value: NO_DATA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://widgets.ad.style/native.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://ipsnoticias.net/wp-content/themes/ips-spa/images/tria.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
adv.office-partner.de
analytics.webgains.io
c1.adform.net
cdn.retailads.net
cdn.track.production.webgains.team
cm.g.doubleclick.net
cms.quantserve.com
contextual.media.net
csi.gstatic.com
dclk-match.dotomi.com
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900020.redintelligence.net
image6.pubmatic.com
ipsnews.net
ipsnoticias.net
lg3.media.net
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.mathtag.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pubtagmanager.com
r.turn.com
r4---sn-5hne6ns6.gvt1.com
redirector.gvt1.com
secure.gravatar.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync-tm.everesttech.net
tags.mathtag.com
tpc.googlesyndication.com
track.webgains.com
um.simpli.fi
w.ad.style
widgets.ad.style
www.awin1.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
x.bidswitch.net
108.61.221.118
144.76.238.55
151.101.130.49
164.90.191.120
164.92.205.110
167.233.14.134
172.217.18.2
178.250.1.9
178.63.52.121
179.43.113.26
18.66.147.120
185.29.132.246
185.64.190.78
185.80.39.216
2.18.233.201
2.18.235.93
2001:678:cb4:bbbb::11
23.210.125.176
23.35.228.23
2607:f8b0:4023:140f::5e
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:801::2002
2a00:1450:4001:808::2002
2a00:1450:4001:809::2004
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2003
2a00:1450:400c:c09::9b
2a00:1450:400e:3::9
2a01:4f8:d0a:2321::2
2a02:fa8:8806:13::1370
2a04:fa87:fffe::c000:4902
2a05:d018:d29:3602:c8cd:afe4:1960:d0d5
2a0b:4d07:102::1
34.91.62.186
35.178.52.145
35.190.0.66
37.157.6.254
54.93.45.240
67.43.4.144
99.86.4.52
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0387f6465ce0884780f082ca165b8c408f4d0bad380f52c6360dd3c43fb4c2f5
05ae69a564e36859e369678d38487fce694d028307f0c8005094d52167299bf2
0761599a569a3a6c03de9e05afc2cf135fb6581abb26c89b3615f46988b31fad
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb12c9c2a013427a3fe71f0c0b438e82ac11d1f564d7fec08b08c782d69e00c
0ead49ad1520351760f2ec83f11a4c74bc9195507839d0424f57d93c46108a30
0f29d312a830dea6ad2986e35f3215fbe5f6386ab8f12158f7c923d874c2f21d
12a3831e778d8969aad8052ad463f9ecc63745c97c994c4e8b15c04e46f49b39
12ca6c551b107f1e77423704e92089d98d5b267c7b1f3f7c091d9fa1c6561cdc
14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
186c40d06fc13830497a7b9f42bc14538c1b7fa0b98560c7911e6e1a935f769d
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1df0638408f4ae4faa73f00070b5ecac7c9c8c100dc6940d39e8d2c0ad517867
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
27eef225d0547f8b2688bb85c468e8c0bd57b405e370411d6512a1c6ae62acae
292b3fb75cf36dd51dc74a49a8174be278474017a07f3bbf8569450e9e6940e2
2ba1f5e940f91cda0982499c2a45bae9a7b1f467d3080602cd4cfa788cc9ab23
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
300ceb0202f271c89892a3237e8b075b201c15e0caef984ad5f93ee69feb1148
306e41ab3a8fbea16bc9009b3b45901ff4f63c75d770216d64c24e1bbc9ad962
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
37d925559381e9d5388c4a096fe1383570546b7b11548d7d6a7e560adcc24e5d
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3cc1556284035fb8bfcc68cd78e1aaa8d579bd15adb220b9b1d7a49e77f1ea3d
3eb15608f6e17a1244cfa1557843da109ac611cfe975fb66928139fab1ad0526
400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
497e63a5579fcb89c02b41883243a33a50b3a21a21c9d30425d1ea925c7b5a5e
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51d64b32ffc997d6e6e3be547059c4601961d77763b38604b8c8f28d46226000
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148
54a37caebefd3efc7274f2bbe586c3eba9c6a52c8c96101654162e33a049ea42
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
5acfaaff0e04c155a9eb909a0f6c537ea58bf6b4fbfd9c056a7cce57d5bb842b
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f98ead5d205125c9f4f5169c2dd0c274b6dd5f69dfc214cc05c7d5566356b9
62d351387ee0e83979a977bca6496afec889d080709e87d2f267d680f522d7a2
671485b0714fdbb8c1c7fd0d2e632f0b183e62577af1fc2dc38933cb8bfb46a2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d0d2d64ebf84ea28d18be9fb458724bb61ae2c11bfd3665a4c75f26d761c5df
6e6d7ff7829bfa422d2a4f4151f62fa9281e974763c8089c52766f64bcc1ba64
6f782c13509bdd9c6786af7b42d09e54aee58f59244d04ceb478793805bc6bd2
6fc8f8442d4aa7a3e2c22479e66842ae25b4e47d9b04fe9d949b4c6a05fd1e9b
7304f1b474326040d4db137510f20c822013171322517721a6428ece405a6f38
740cb53532e536c1c7a90cbb037a9a002d2126b34bed1d6d3722b52d2bfe11b7
744a0185f380b5ec22038c08117d6bc39961d294b8cf7ac913d4106cbd11ea55
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7bc65b9b935eee5be74ed156fd16e55e9bbfd127cd3341208e7d4fc64addc1cb
7bfaf29339198888cdff94250fa962f4feea565054d6c526f2baa83eafee571f
7d25d283cffb27454f0defc451d2f1d42ea8ce681aa56a395817871b895420cd
7d4e702c0fb0304b3a019bfbbfaddf227166351777b67e19f40674f06bfc1634
7ea05d2ca51bb7b26bcf9b916416b897696610484c6e6d1f612d80ad2bb21a43
802bd6688574407e27a82930602b3e665c6720c5a4edf37817c74961a200cb13
82455b23a0ab4697219b89d0204ab18842acbd8ff61da20a3c04ec99fccb88df
831997ce334905a4fc3c7f0673c30bd34701f9810d87b19335aea228804ae38a
8392ac00ee2eead1bb979d15418ead05583eb188456ca47de4425175e43f8fc1
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8fa341d3a7ec203a98bf18581f1a15b31b9921cdeb0b520dfb57e0af6ac0ac84
9926a5c475183d9f2440ab8192894b0ff5cba6f206f278a54078bfd48576a72e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cc93f2fe3f1d4abf31d279d40f57ee969b1ce84cb99bc346cba4d81af28e8ed
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a41dd672f20b2535b01009015fea5cc3326d1324bb123d74b65b087a64f1544f
a4272ee01791ab826c62f9e7aa70f5ed9aa7d3213da70c041e9c09db8b854e39
a445d5af49378ed348958a23f65a86fa841d214f64c3e5c2c6a9fe01a856ec0c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a66979b4409926b6924397ba18c5f9aae035c63afd3540beca4d343dee2750e3
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b260d056edb6c39eeeed00ffc7bccded9160bb9c1f03c62d77a99181ae88a08b
b3de15478cace2ea1abcec6d52dfe03357984745b8b5eaee9bbbfdf170e7a1f9
b514b843573200e2420a7c32673e03dfc0a9c396028e1d0d370c5f76b81823cb
b6abceb576339b60860664e2e347eea09fb9720bf664f28d6cbe24bc66a780b3
b776fc4bee1d97ce5864249f18ed850b4fbf8425e84007a1e380f731feffe8ae
bab73ae419115b088718ddb96163e9d3020362ecc8d140cf357dbcccb72969d6
bb0c753f57b572de7809305366e15bb8a8d3d02e8cf384ff614619a220a9f6e9
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
be9fee89022dacd9a09fe5f1403e04325e39c7700d3de6c9e50a4adaf35bb4e0
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c4b061664ceb42372c8cfc5af699a6b2a81a698115b41ea72c0b1a70419954eb
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
cdc2d5f13b61543ed19e2b453894fbcc857f171ca074ddb7bff40b6ad4d8ea0c
cfe42439e3267a8a94999c28bd5e5285460e51dea9ac24e95cea681b6efdf096
d5167bd2287980691c39609c729537520bcb14138b24b0b2e48f2eaada316762
d5bebd44ed8d8825bbcb5d4a7df292b3a5db678cf7ebdf87504152410c1df7c0
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
db5d34266f8c9536b72268057df2c6b249ab732eaa471579b19df531704b9450
dbe21c3c1f5415a40c7af9b0441a8515ac4a160ac5f4149717c3288046cda78e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e0be8ceb2d04986e171369b3adac55b939dd5aa721857190ed77868420c95b59
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e423e7e6b9e3e8ee687307722bff9b8998886d106f8d951f116f1bac5eef85af
e4910f150909d967a7a390bc19944be3c3c736f139269a0308c5abc0196191bc
e76dc6d163917f941c6e4bd3d434b50f7ece336f4f85ccc786c313dd789caaa7
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8da75f2c5f5db2d3a20c3a449627e279eaebc5ee29ad26fa253315fa258a715
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f622ffe277936d272b6550fdc08ff27b9a3d6def08d334662c102e1b0a0b9021

ipsnews.net Open in urlscan Pro 67.43.4.144 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

190 Requests

94 %HTTPS

50 %IPv6

39 Domains

52 Subdomains

42 IPs

6 Countries

3723 kBTransfer

6283 kBSize

11 Cookies

23 Outgoing links

Redirected requests

190 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ipsnews.net Open in urlscan Pro
67.43.4.144 Public Scan

Screenshot
Live screenshot

Full Image

190
Requests

94 %
HTTPS

50 %
IPv6

39
Domains

52
Subdomains

42
IPs

6
Countries

3723 kB
Transfer

6283 kB
Size

11
Cookies

190 HTTP transactions
8 data transactions